Electronic device security and tracking system and method

ABSTRACT

A system and method for securing and tracking an electronic device. The system includes hardware, software and firmware components that cooperate to allow tracking, disabling, and other interaction with the stolen electronic device. The system includes an application component, non-viewable component and Basic Input/Output Subsystem (BIOS) component that are present on the electronic device. The BIOS component maintains the secured environment of the application and non-viewable components. If only the application component was provided, a simple low level format of the hard disk drive would remove the application and bypass the security features. The system implements an “application and BIOS” based solution to electronic device security.

CROSS REFERENCE TO RELATED APPLICATION

This application is a continuation of U.S. application Ser. No.10/925,161, filed on Aug. 23, 2004, incorporated herein by reference,which in turn claims priority under 35 USC §119(e)(1) to ProvisionalApplication No. 60/497,182, filed Aug. 23, 2003, incorporated herein byreference.

BACKGROUND

Theft of electronic devices containing costly hardware and software hasbecome increasingly common. Such thefts may occur because of the valueof the electronic device hardware or for access to information containedon the electronic device's storage accessories such as credit cardinformation, confidential and proprietary business information, and soon. Another use of the stolen device may be to gain access to serverscontaining confidential information through the electronic device.

Physical attachment of the electronic device to the user or an immovableobject is one way of preventing theft. Password protection schemes mayalso be used to discourage theft or at least stop the thief fromaccessing the information stored on the electronic device. Motionsensors or alarms placed on the electronic device may be anotherimpediment to the would be thief. However, such techniques do not alwaysprevent theft, are costly and once the electronic device is stolen, donot allow tracking or recovery.

SUMMARY

The problems noted above are solved in large part by the electronicdevice security and tracking system and method (ESTSM) that includes aplurality of hardware, software and firmware components that cooperateto allow tracking, disabling, and other interaction with the stolenelectronic device. The ESTSM electronic device (hereinafter “electronicdevice”) and the ESTSM server computer system communicate over acommunication channel to determine if the user has registered for ESTSMservices. The user may be an individual consumer user or acorporate/government user. The corporate/government user's electronicdevice may be part of a corporation's or government organization'scustomized ESTSM system. If the electronic device is not registered forESTSM services, then upon first time power-on and connection to theESTSM server of the electronic device that includes ESTSM software andfirmware, the user is prompted to register for different ESTSM services.Alternatively, ESTSM may remain disabled and the user may register usingtechniques that include but are not limited to selecting a menu optionfor registration or selecting an icon on the electronic device'sdesktop, or via World Wide Web pages from a remote system other than theESTSM device itself. The electronic device may be a laptop computer,desktop computer, wearable computer, server computer system, personaldigital assistant (PDA), cellular telephone, WLAN capable computer,Smart Phone, tablet personal computer, palm top device and so forth.Each of the services may consist of different monthly, yearly ormulti-year service fees or a one time fee for the life of the electronicdevice. After registration is complete, the ESTSM server computer systemcommunicates over the Internet or another communication protocol such asShort Messaging Service (SMS) with the user to determine if anelectronic device has been reported stolen. In accordance with someembodiments of the invention, if the device is reported stolen, theESTSM server may inform the ESTSM device via a secure communicationschannel to take the appropriate action based on the service optionsselected by the user (e.g. disabling the electronic device, destroyingthe storage device (e.g. hard disk drive (HDD)) data, recovering data,encrypting data and more). In some other embodiments of the invention,an automated voice prompting system at a call center or live call centeroperator after authentication of the user may communicate with the userto perform ESTSM activities. All ESTSM activities performed through theInternet may also be performed by the call center includingregistration, reporting a system stolen, reporting system has beenrecovered and so forth.

The ESTSM system may include an electronic device with three componentsand a server computer system. The three components may be an applicationcomponent, a non-viewable component and a Basic Input/Output System(BIOS) component. In some embodiments of the invention, the applicationcomponent includes ESTSM application software that executes under anyWindows® operating system (OS). In other embodiments of the invention,the application component software may execute under the Disk OperatingSystem (DOS), Linux operating system, Windows® CE (and its derivativessuch as Windows® Mobile, SmartPhone, Pocket PC, and so on), Symbian andPalm operating system and others. In some embodiments of the invention,the application component is responsible for communicating over theInternet with the ESTSM server computer system to determine if theelectronic device has been reported stoleri. If the device has beenreported stolen, the application component along with the ESTSM servercomputer system will determine what services the user has registered forand will take the appropriate action (e.g. disable the device,communicate identifying information to the server, erase the storagedevice, recover data, encrypt data, etc).

In some embodiments of the invention, the communication medium may be amessaging protocol such as Short Messaging Service (SMS) used in mobiledevices such as cell phones and computers using Wireless Local AreaNetworks (WLAN) services from wireless service providers such as VerizonWireless®. In such systems, the server computer system would inform theapplication component that the device had been reported stolen withoutthe application component querying the server system to determine if theelectronic device has been reported stolen.

In some embodiments of the invention, the non-viewable component mayreside in a hidden partition on the hard disk drive HDD. Alternatively,in some other embodiments of the invention, the non-viewable componentmay reside in the Host Protected Area (HPA) of the HDD that is notaccessible by the operating system of the electronic device. Thenon-viewable component may include a VALIDATOR program that inspects anESTSM Communications Area (ECA) to determine if the ESTSM applicationcomponents have run correctly during the last system boot. Thenon-viewable component may also contain a copy of the originalapplication component software fileset if the files need to bere-installed to the HDD.

ESTSM also consists of a BIOS component that maintains the securedenvironment of the ESTSM application component. The BIOS componentincludes a secure nonvolatile area that stores critical informationpresent after electronic device power-off and accessible duringelectronic device power-on and boot. If only the application componentwas provided, a simple low level format of the hard disk drive wouldremove the application and bypass all the security features. ESTSMimplements an “application, BIOS and non-viewable component” basedsolution to electronic device security. The ESTSM BIOS components ensurethat a thief cannot bypass or circumvent the ESTSM application fromrunning.

On every boot, the BIOS component will check and ensure that the ESTSMapplication components have not been deleted or tampered with. If theBIOS component detects a problem with any of the application components,it will restore the components from a special hidden partition on thehard disk drive or from system recovery media. In some embodiments ofthe invention, the recovery media may be a floppy diskette but in otherembodiments the recovery media may be a Compact Disc- Read Only Memory(CD-ROM), Universal Serial Bus (USB) key storage device, or otherstorage device accessible during device boot.

In other embodiments of the invention as mentioned above, the electronicdevice in the ESTSM may include a HDD that contains a HPA. The HPA isnot accessible by the operating system of the electronic device or bythe user of the electronic device. An ESTSM application componentincluding ESTSM application software may be present on the HDD. The HPAmay include an ESTSM non-viewable component. The ESTSM electronic devicemay also include an ESTSM BIOS component that is capable ofcommunicating with the non-viewable component and application component.An ESTSM server computer system communicates with the other componentsthrough an ESTSM Communications Area (ECA) located on the HDD.

In some embodiments of the invention, the ESTSM system may include anelectronic device with a BIOS component, an application component and aserver computer system. On every boot, the BIOS component will check andensure that the ESTSM application components have not been deleted ortampered with. If the BIOS component detects a problem with any of theapplication components, it will assume that the ESTSM applicationcomponents will be installed by the user of the electronic device. Ifthe application component is not installed after a number ofunsuccessful attempts, the BIOS component will prevent the user fromaccessing the electronic device. The application component may beinstalled by downloading from the ESTSM website or from recovery mediathat came with the device.

In some other embodiments of the invention, the electronic device in theESTSM includes a Flash memory and may be a PDA, mobile cellulartelephone or WLAN capable computer. The Flash memory may contain achangeable area and a system area. The system area is not changeable bythe user of the electronic device. The ESTSM application software mayreside in the changeable area or the system area depending on thesecurity requirements of the device implementation. An ESTSM servercomputer system communicates to the ESTSM application software on theelectronic device through communication channels that may be theInternet, a wireless medium (such as SMS), a combination of the two, andso on. The PDA, mobile cellular telephone or WLAN capable computer maybe continuously connected to the ESTSM server computer system through analways-on Internet connection or other mobile device communicationprotocols such as Short Messaging Service (SMS).

BRIEF DESCRIPTION OF THE DRAWINGS

FIG. 1 shows a screen shot of the registration reminder for the ESTSM;

FIGS. 2 a-2 b show screen shots of the service offerings and selectionpage for the ESTSM;

FIGS. 3 a-3 c shows screen shots of the user registration andinformation input pages for the ESTSM;

FIG. 4 shows a screen shot of a new user registration email sent to auser after they have registered their electronic device with ESTSM;

FIG. 5 shows a screen shot of the login page for connecting to ESTSMserver computer system in accordance with one embodiment of theinvention;

FIG. 6 shows a screen shot of the device registry web page that residesin the ESTSM server computer system in accordance with one embodiment ofthe invention;

FIG. 7 shows a screen shot of the electronic device status web page thatresides in the ESTSM server computer system in accordance with oneembodiment of the invention;

FIGS. 8 a-8 b show screen shots of web pages that allow a user to reporta stolen electronic device in accordance with one embodiment of theinvention;

FIG. 9 shows a screen shot of an email containing locationidentification information for a stolen electronic device in accordancewith one embodiment of the invention;

FIG. 10 shows a screen shot from another computer system that candisplay web pages of a registration web page for ESTSM on a PDA;

FIG. 11 shows a screen shot of the service offerings for an ESTSMenabled PDA using another computer system capable of displaying webpages;

FIG. 12 shows a screen shot for registration of a PDA with ESTSM inaccordance with one embodiment of the invention that requests the userenter the registration key on their PDA;

FIG. 13 shows for one embodiment of the invention a screen shot from aPocket PC requesting the user enter the registration key shown in FIG.12;

FIG. 14 shows a screen shot from a Pocket PC displaying a confirmationkey generated after the user enters the registration key;

FIG. 15 shows a screen shot from a computer system capable of displayingweb pages of Pocket PC verification requesting the user enter theconfirmation key from the Pocket PC display;

FIG. 16 shows a screen shot from a computer system capable of displayingweb pages of a successful registration message for a PDA;

FIG. 17 shows a screen shot from a computer system capable of displayingweb pages indicating that the PDA is currently secured;

FIG. 18 shows a screen shot of the user authentication screen inaccordance with one embodiment of the ESTSM invention that may be usedby a call center operator to verify the identity of a user;

FIG. 19 shows a screen shot of the welcome page for corporateadministration of ESTSM;

FIG. 20 shows a screen shot of corporate information input andmodification by the administrator;

FIG. 21 shows a screen shot of a web page that allows a corporateadministrator to register a user for ESTSM;

FIG. 22 shows a screen shot of a web page that allows a corporateadministrator to remove a user's access to ESTSM;

FIG. 23 shows a screen shot of a web page that allows a corporateadministrator to purchase licenses for services in ESTSM;

FIG. 24 shows a screen shot of a web page that allows a corporateadministrator to purchase licenses to upgrade or modify services inESTSM;

FIG. 25 shows a screen shot of a web page that allows a corporateadministrator to give permission to users to report their computerstolen in accordance with one embodiment of the invention;

FIG. 26 shows a screen shot of a web page showing menu optionsselectable by a corporate administrator for administration of ESTSM;

FIG. 27 shows a screen shot of a web page that allows a corporateadministrator to create a corporate ESTSM account and register asuper-user;

FIGS. 28 a-28 b show screen shots of a web page requesting a corporateadministrator to enter a purchase order quotation number for basic orupgraded ESTSM services;

FIG. 29 shows a screen shot of a web page that allows a corporateadministrator to send an email to a user indicating activation of ESTSM;

FIG. 30 shows a screen shot of a web page that allows a corporateadministrator to reset a login and password for a user;

FIG. 31 shows a screen shot of a web page that allows a corporateadministrator to override ESTSM on an electronic device using agenerated password;

FIG. 32 shows a screen shot of a web page that allows a corporateadministrator to stop a machine or user from accessing ESTSM services;

FIG. 33 shows a screen shot of a web page that allows a corporateadministrator to view the status of an electronic device using themachine id or a user login assigned to the device;

FIG. 34 shows a screen shot of a web page that allows a corporateadministrator to recover an electronic device that has been reportedstolen using a generated password;

FIG. 35 shows a screen shot of a web page that allows a corporateadministrator to change the settings of the ESTSM server;

FIGS. 36 a-36 b show screen shots of web pages that allow a corporateadministrator to change administrator login and master passwords;

FIG. 37 shows the state transitions of an electronic device from a notregistered state to registered and active state;

FIG. 38 shows the state transitions of an electronic device from a notregistered state to registered and active state with the device passingthrough a never remind state;

FIG. 39 shows the state transitions of an electronic device from aregistered and active state to deregistered state;

FIG. 40 shows the state transitions of an electronic device with ESTSMthat is reported stolen and then recovered;

FIG. 41 shows the state transitions of an electronic device from aregistered and active state to override state;

FIG. 42 shows the states of an electronic device registered and activewith ESTSM and including the data destroy service;

FIG. 43 shows the states of an electronic device registered and activewith corporate ESTSM in which the corporate user of the device isremoved from ESTSM;

FIG. 44 shows the architecture of ESTSM including an electronic deviceand server computer system in accordance with one embodiment of theinvention;

FIG. 45 shows the architecture of ESTSM in accordance with some otherembodiments of the invention for PDA or mobile phone connected to servercomputer system;

FIG. 46 shows another embodiment of the ESTSM architecture including anelectronic device and server computer system;

FIG. 47 shows another embodiment of the ESTSM architecture including anelectronic device with a WWW component and server computer system;

FIG. 48 shows the architecture of ESTSM in accordance with anotherembodiment of the invention for an electronic device with ShortMessaging Service (SMS) connected to server computer system;

FIG. 49 shows a schematic of a computer system that includes a BIOScomponent, application component and non-viewable component inaccordance with one embodiment of the invention;

FIG. 50 shows a schematic of a cellular telephone that includes anapplication component in a system area in accordance with anotherembodiment of the invention;

FIG. 51 shows a schematic of the ESTSM server computer system of FIGS.44-47 in more detail in accordance with one embodiment of the invention;

FIG. 52 shows the connections between the primary and secondary serverscontained in the web server of FIG. 51 in accordance with one embodimentof the invention;

FIG. 53 is a flow diagram of the BIOS component of the ESTSM inaccordance with some embodiments of the invention;

FIG. 54 is a flow diagram of the VALIDATOR program in the non-viewablecomponent of the ESTSM in accordance with some embodiments of theinvention;

FIG. 55 is a flow diagram of the application component of the ESTSM inaccordance with some embodiments of the invention;

FIG. 56 shows encrypted and encoded communication between a clientelectronic device and the ESTSM server computer system in accordancewith one embodiment of the invention;

FIG. 57 shows encryption and encoding of information by the clientelectronic device and decoding and decryption of information by theserver computer system;

FIG. 58 is a flow diagram implemented in the client and server forencoding binary data into text format data in accordance with oneembodiment of the invention;

FIG. 59 is a flow diagram implemented in the client and server fordecoding text format data into binary data in accordance with oneembodiment;

FIG. 60 is a flow diagram showing encryption and encoding of SMSmessages from SMS server to SMS enabled ESTSM electronic device inaccordance with one embodiment of the invention;

FIG. 61 is a flow diagram showing decoding and decryption of SMSmessages in accordance with some embodiments of the invention;

FIG. 62 a is a flow diagram showing integration of ESTSM BIOS imagefiles into system BIOS of the electronic device in accordance with oneembodiment of the invention;

FIG. 62 b is a flow diagram showing integration of the ESTSM option ROMinto a BIOS binary image;

FIG. 63 shows in accordance with another embodiment of the inventionintegration of ESTSM BIOS image files into electronic device system BIOSusing BIOS editor;

FIG. 64 shows in accordance with another embodiment of the inventionintegration of ESTSM BIOS image files into electronic device system BIOSusing BIOS Configuration utility;

FIG. 65 show screen shots of the service offerings for the ESTSM mobiledevice;

FIG. 66 shows screen shots of the user registration and informationinput pages for the ESTSM mobile device such as a Smart Phone;

FIG. 67 shows a screen shot from a computer system capable of displayingweb pages of a successful registration message for a mobile device;

FIG. 68 shows a screen shot of the mobile device status web page thatresides in the ESTSM server computer system in accordance with someembodiments of the invention;

FIG. 69 shows a screen shot of the backup files web page for a mobiledevice that resides in the ESTSM server computer system in accordancewith some embodiments of the invention;

FIG. 70 shows a screen shot from a mobile device indicating that thedevice has been disabled;

FIG. 71 is a flow diagram showing implementation of ESTSM on mobiledevices; and

FIG. 72 shows the state transitions of a mobile device with SMS messagesfor activation and operation of ESTSM services.

DETAILED DESCRIPTION

The ESTSM consumer user (i.e. non-corporate user) experience consists oftwo phases: (1) the registration phase and (2) administration phase viathe ESTSM website. In the registration phase, the user creates anaccount with ESTSM, specifies what ESTSM services he wishes to purchase,and provides user and billing information to complete the registration.

Once registration is complete, the typical user will not interact withESTSM until the electronic device is stolen. At that time, the user canlog into the ESTSM website. Once logged in, the user can report thedevice as stolen, disable the device, or perform other deviceadministration tasks. The user may also initiate all ESTSM deviceadministration tasks through a call center that can validate theidentity of the user and perform administrative tasks on the user'sbehalf.

After registration is complete, the ESTSM server computer systemcommunicates over the Internet with the user to determine if theelectronic device has been reported stolen. In accordance with someembodiments of the invention, if the device is reported stolen, theESTSM server will instruct the electronic device to take the appropriateaction based on the service options selected by the user (e.g. disablingthe electronic device, destroying the hard disk drive (HDD) data,recovering data, encrypting data and more).

When the user purchases the electronic device, the ESTSM components maybe pre-installed by the manufacturer of the electronic device. In someembodiments of the invention, the ESTSM registration screen shown inFIG. 1 will come up when the user starts using his electronic device andthe ESTSM system determines that the electronic device is notregistered. The ESTSM system determines if the electronic device isregistered or not by communicating with the ESTSM server computersystem.

In another embodiment of the invention, the user may request themanufacturer of the device to preregister the user for ESTSM servicesafter the manufacturer builds the electronic device. In some alternativeembodiments of the invention, the device may be preregistered for ESTSMservices at the location (e.g. retail store) where the device ispurchased. In one embodiment of the invention, the initial fees for theESTSM services as described below may be included by the manufacturer inthe price of the electronic device or may be discounted as a salespromotion for the device.

In some other embodiments of the invention, the ESTSM system may beprovided to the manufacturer of the electronic device without charge orfor a very small fee. The user of the device may select the ESTSMservices they want and the revenue generated may be shared by themanufacturer and ESTSM administrator. Thus, the user may “opt-in” topurchase the ESTSM services. In some embodiments of the invention, theESTSM services may be offered to the user of the electronic device on atrial basis for a limited time.

The user can proceed with the registration process at this point, orchoose to register at a later time or never. If the user chooses toregister at a later time, the ESTSM will remain disabled and the usermay register using techniques that include but are not limited toselecting a menu option for registration or selecting an icon on theelectronic device's desktop. If the user proceeds with the registrationprocess, the user will be asked to specify if they are a “new user” oran “existing user” that has other electronic devices running ESTSM. Thenext stage as shown in FIGS. 2 a-2 b is to choose the ESTSM services forthe electronic device.

FIGS. 2 a-2 b shows the service selection screen that may include thecost of each service and the number of services offered. The servicesoffered and the cost of each service may vary based on the manufacturerand model of the electronic device, the market segment of the electronicdevice (i.e. business device, home use device) and what the manufacturerhas chosen to include for the device. Some manufacturers may want tochange the pricing of the services, or offer bundled services to theuser. For one embodiment of the invention, as shown below, is a list ofthe typical services available to the user and the associated costs.

-   -   1. Basic Service—with this service the user has the ability to        have the electronic device disabled when it is stolen. However,        the location of the stolen electronic device is not tracked and        no other operation is performed.    -   2. Tracking Service—with this service, the location of the        stolen electronic device will be tracked and the location report        information is sent to the user of the electronic device via        email (or the user can call a monitoring station to get the        information). There are two sub-options under the tracking        service: Track-and-Disable or Continuous Track. In the        Track-and-Disable option, the location of the electronic device        is captured one time and then the electronic device is disabled.        In the Continuous Track option, the location of the electronic        device is constantly tracked until the user manually disables        the electronic device from the ESTSM website. Electronic devices        such as cell phones because they are mobile and cannot be easily        tracked may not offer this service.    -   3. Data Destroy Service—with this service, the hard disk of the        stolen electronic device is erased when the thief connects the        electronic device to the Internet. This service has two        sub-options: (1) Automatically Erase when the electronic device        is connected to the Internet, or (2) Manual Erase, the user must        manually specify when to erase the hard disk drive via the ESTSM        website.    -   4. Third Party Insurance Signup—with this service, ESTSM will        re-direct the user to the website of third party companies that        will assist the user in signing up for theft and damage        replacement insurance for their electronic device.

In some embodiments of the invention, due to the extendible design ofESTSM, new services can be added into the ESTSM registration process asgiven below:

-   -   1. Data Encryption Service—with this service, a virtual file        folder called “My Encrypted Documents” is created on the desktop        of the electronic device. In some embodiments of the invention,        all files saved in this folder are encrypted by encryption        techniques built into the operating system. Access to the folder        is denied unless the system is connected to the Internet and the        electronic device has not been reported stolen. If the system is        not connected to the Internet, the user can optionally enter the        ESTSM username and password to get access. In another embodiment        of the invention, the user may designate any virtual file folder        in the electronic device as an “ESTSM Encrypted Folder.”    -   2. Data Recovery Service—this service will allow a user to        specify critical files and in the case of theft, the software        will first recover these files to the ESTSM server computer        system, before performing other service option actions. In one        embodiment of the invention, a virtual file folder called “My        Critical Files” is created on the desktop of the electronic        device. The user may store the actual files, copies of files, or        shortcut pointers to files in this folder that they want to        recover if the electronic device is stolen. In another        embodiment of the invention, right clicking a mouse button with        the pointer pointing to a file displays a menu allowing the user        to mark the file as a “Critical File.” The file's icon is        modified to indicate that it will be recovered if the electronic        device is stolen. This embodiment of the invention allows the        file to be present anywhere on the HDD of the electronic device        rather than in a specific file folder. Another embodiment of the        invention may use both the virtual file folder “My Critical        Files” as well as files marked as “Critical Files” to indicate        files that will be recovered if the electronic device is stolen.

In the preferred embodiment of the invention, most of ESTSM services arebased on a yearly fee model. Some services such as data recovery may bebilled on a per megabyte basis-that is, the user indicates the number ofmegabytes to be recovered during registration and is billed accordingly.However, if the electronic device is stolen and during data recoverymore megabytes are recovered, then a one time fee is charged to theuser. The user will automatically be billed at the end of the year torenew the service for one more year. The user will be sent an emailbefore billing to give the user a chance to cancel the service if theywish.

The next stage in the registration phase is to create the username andpassword as shown in FIGS. 3 a-3 b that can be used to log onto theESTSM website to report a stolen electronic device, etc. Once that iscompleted, the user must provide his user information (name, address,phone number, and so forth) as shown in FIG. 3 c so that the monitoringstation can identify the user if the user calls the monitoring stationto report a theft.

The final part of the registration phase is to provide the billinginformation for the ESTSM services. This requires the input of a creditcard number, debit card number, or checking account number. Theinformation is then validated, the credit card or other billing means ischarged and a confirmation email as shown in FIG. 4 is sent to the enduser, corporation or insurance company that just completed theregistration. The user will have to click a link at the end of the emailto activate the ESTSM on that electronic device. In some embodiments ofthe invention, periodic ESTSM service charges may be billed by addingthese charges to the existing electronic device bill. For example, ESTSMmonthly service charges may be added to the users' existing mobile phonebill for ESTSM registered mobile phones.

As mentioned above, ESTSM provides a website from which the user mayadminister the ESTSM services on the electronic device. In someembodiments of the invention, corporate users may have limitedadministrative capabilities because of their access permissions(described in more detail below). As shown in FIG. 5, the user mustfirst log into the website using the username and password that wascreated during the registration phase. A user without access to theInternet (i.e. his electronic device was stolen), can call the ESTSMmonitoring station to perform the administrative functions describedbelow for the electronic device.

Once the user has logged into the ESTSM website, the main ESTSM menu inaccordance with one embodiment of the invention is presented as shown inthe left hand portion of FIG. 6. In some embodiments of the invention,corporate and noncorporate users may have different ESTSM menus.

The “Device Registry” portion of the page in FIG. 6 shows all theelectronic devices the user currently has registered with ESTSM. Byclicking on a device image from the “Device Registry” page of the ESTSMwebsite, the user is taken to the “Device Status” page shown in FIG. 7.On the “Device Status” web page for each device, the user can performthe following tasks: (1) View the status of the user's electronicdevices running ESTSM; (2) Report an electronic device stolen; (3)Recover and re-enable a stolen system that has been found; (4) Upgradeor change the ESTSM service options; (5) Show the Billing and ElectronicDevice Location/Status Logs; (6) Perform User Management functions suchas changing the user information, password and billing information; and(7) Perform Data Management functions such as viewing recovered data andtransferring recovered data to another device.

As shown in FIG. 7, the “Device Status” page shows for each electronicdevice, the Model Name, System Description, Current State, ESTSMServices Active on the Device, and Last Connection to ESTSM Server.Depending on the Current State and the services selected by the user,certain task buttons will appear below the electronic deviceinformation. These task buttons let you perform different operations onthe device (e.g. report the electronic device stolen and so forth). Asshown in FIG. 7, the user may click on the button labeled “ReportStolen” to start the process of reporting an electronic device stolen.The user will be taken to the “Report a Stolen Device” web pages shownin FIGS. 8 a-8 b. The user fills out the information on the web page togenerate a theft incident report and the ESTSM site will log this reportso that it may be given later to the appropriate authorities as proof offiling the theft incident report. This documentation may be provided tothe user upon request.

Once the report is completed, the electronic device will be put in theREPORTED STOLEN state (states of ESTSM are described in detail below).At this point, if the electronic device is connected to the Internet,the electronic device state will change to either BEING TRACKED orDISABLED state.

In some other embodiments of the invention, mobile devices such as cellphones, Smart Phones, and Wireless Local Area Network (WLAN) capablecomputers that may be always connected to the ESTSM server and contactedat anytime by the server can communicate through a message passingscheme. Message passing schemes may be SMS, WWW message passing protocolbased on Transmission Control Protocol/Internet Protocol (TCP/IP), orMultimedia Messaging Service (MMS). The state diagram for mobile devicesare shown in FIG. 72.

If the electronic device is in the BEING TRACKED state, the user willreceive an email, an example of which is shown in FIG. 9, documentingthe location of the stolen electronic device. This location informationmay contain the following information: (1) IP address of the stolenelectronic device (2) domain name on the Internet of the stolenelectronic device (3) owner of the domain name (4) contact informationfor the domain name owner (5) name and contact information of theInternet Service Provider (ISP) and (6) date and time of IP addressconnection.

With this information, the user may pursue recovery with the appropriateauthorities. The information provided may be used to track the exactlocation of the electronic device. For example, ISPs may identify thenetwork port, cable modem or phone number from which the electronicdevice was connected when provided with the IP address, date and time ofthe connection. A location tracking report email will be sent to theuser each time the electronic device is connected to the Internet. Ifthe “Track and Disable” service option is selected, by the user, thenonly one tracking location will be recorded since the electronic devicewill be automatically disabled once the location is recorded.

In another embodiment of the invention, ESTSM registration as shown inFIG. 10 for a PDA, mobile cellular telephone, or Smart Phone device maybe performed using another computer system that can display ESTSMregistration web pages. In some embodiments of the invention, adifferent set of ESTSM services as shown in FIG. 11 may be offered forthe PDA. Thus, the manufacturer may offer, but not limited to, a Basicservice and a Data backup service for the device as shown in FIG. 11.

After the user has selected the ESTSM services for their PDA, in someembodiments of the invention, the ESTSM system as shown in FIG. 12 mayrequest that the user interact with the ESTSM application on the PDA andenter the registration key into the device as shown in FIG. 13. Enteringthe registration key into the device may be the first step to start amulti-step registration process that ensures that the correct electronicdevice is being registered. The PDA will then display a confirmation keyas shown in FIG. 14. The user through the computer system capable ofdisplaying ESTSM web pages may then enter into the PDA verification,screen shown in FIG. 15 the confirmation key and a system description.The registration process for the PDA is successfully completed as shownin FIG. 16 and the device is secured as shown in FIG. 17. In some otherembodiments of the invention, ESTSM registration may not require anyuser intervention with the ESTSM electronic device except anacknowledgement from the user at the end of the successful registration.

In another embodiment of the invention, an automated voice promptingsystem at a call center or live call center operator afterauthentication of the user as shown in FIG. 18 may communicate with theuser to perform ESTSM activities. All ESTSM activities performed throughthe Internet may also be performed by the call center includingregistration, reporting a system stolen, reporting system has beenrecovered and so forth.

In most business or government organizations, a central IT staff isresponsible for configuring, maintaining and purchasing licenses forelectronic devices. ESTSM is designed to work easily in controlledcorporate or government environments. Electronic devices registered tocorporations or government entities using corporate/governmentregistration may contain a different set of administration pages anduser pages as compared to non-corporate users. In one embodiment of theinvention, the corporate web pages may be as shown in FIGS. 19-25. Webpages for government entities would be similar to the corporate webpages shown in FIGS. 19-25. Corporate ESTSM systems may be designed tobe centrally maintained and administered as required by corporatecustomers. When a corporate account is created, a central administratoror manager is specified. The central manager can then create othermanagers and users and purchase and assign licenses to these managersand users as shown in FIGS. 21 and 23-24. As shown in FIG. 21, thecentral manager can assign user permissions to other managers. Thus, thecorporation can control which users are allowed to report stolenelectronic devices as shown in FIG. 25, remove users as shown in FIG.22, purchase more licenses, upgrade services, etc.

For electronic devices registered to corporations or governmententities, the ESTSM may contain the user's position within the companyand associate user permissions with that position as shown in FIG. 21.Thus, if a user leaves the company, the electronic device may beassigned to another employee transparently and without any change inservice fees. The ex-employees account information on ESTSM may bedisabled and removed as shown in FIG. 22, so that the ex-employee maynot falsely report an electronic device stolen to disable access to thedevice.

Another embodiment of the registration and administration technique forelectronic devices in ESTSM for corporations is shown in FIGS. 26-36b. Acorporate administrator may access the ESTSM server computer systemlocated in the monitoring station by calling the monitoring station orthrough the Internet. In another embodiment of the invention, thecorporation or government entity may have the ESTSM server computersystem located within their own premises for greater security andcontrol. In this embodiment of the invention, the administrator canaccess the server system through a terminal connected to the server orfrom a computer system at a remote site connected to the server systemthrough the Internet.

The corporate or government entity can setup a corporate account to useESTSM. The corporation or government entity can purchase serviceslicenses in “bulk” (i.e. 100 Data Destroy Services, 50 TrackingServices, etc). The licenses can be paid for via standard purchasingmethods such as Purchase Orders as shown in FIGS. 28 a-28 b, net 30 dayterms, etc. The corporation or government entity receives a licensenumber for each purchase. This license number is given to the end usersin the corporate or government entity who will consume the license.Alternatively, the corporation or government entity may pay anon-recurring one time fee for individual services.

The corporate or government end user will register in a similar fashionas described above. However, in one embodiment of the invention, whencreating the username and password, the user can enter the licensenumber for the “License Number” field as shown in FIG. 3 a. In thisembodiment of the invention, the end user will not be required to selectthe services as they will be determined by the services paid for in thelicense number. Also, the end user will not have to provide a creditcard or other form of payment.

The administrator of the corporate or governmental ESTSM account canmanage and configure the electronic devices in the corporation orgovernment entity that have the ESTSM application installed. Thus, forexample, the administrator may re-send an activation email to a user ofan ESTSM enabled electronic device as shown in FIG. 29 or send a loginand password reminder to the user as shown in FIG. 30. The administratormay override an individual user's access to an electronic device asshown in FIG. 31, deregister an electronic device from the ESTSM system,or remove user access to ESTSM enabled electronic devices as shown inFIG. 32. The current state of the electronic device (ACTIVE, REPORTEDSTOLEN, BEING TRACKED, DISABLED, HALF-RECOVERED, and so on as describedin detail below) registered with ESTSM may be viewed by the corporate orgovernment administrator by entering the machine id, the login id of theuser, mobile phone number, or any other ESTSM device specificidentification as shown in FIG. 33. The administrator can also performother administrative tasks such as recover an ESTSM enabled system asshown in FIG. 34, change server settings as shown in FIG. 35, or changethe administrator login password or administrator master password asshown in FIGS. 36 a-36 b.

The administrator may add new users to the ESTSM system and designatethe rights and permissions of users so that these users haveadministrator capabilities. Users on a corporate or governmental ESTSMaccount may heave permission to report their ESTSM device stolen,perform user management functions, and so forth.

As mentioned above and shown in FIG. 7, the “Device Status” pagedisplays task buttons below the electronic device information. The taskbuttons displayed depend on the current state of ESTSM and the servicesselected by the user. The task buttons let the user perform differentoperations on the device (e.g. report the electronic device stolen andso forth).

Each electronic device can have one of the following current states:ACTIVE, REPORTED STOLEN, BEING TRACKED, DISABLED and HALF-RECOVERED. Thedefinition of each of the states is given below:

-   -   1. ACTIVE—This state indicates that ESTSM is actively running on        the electronic device. The electronic device has not been        reported stolen.    -   2. REPORTED STOLEN—This state indicates that the electronic        device has been reported stolen by the user, but the electronic        device in some embodiments of the invention has not communicated        with the ESTSM server after being reported stolen.    -   3. BEING TRACKED—This state indicates that the electronic device        has been reported stolen by the user and the electronic device        has communicated with the ESTSM server. The ESTSM server has        captured location information of the stolen device. Once the        system is in the BEING TRACKED state, other actions can be        performed such as disabling the electronic device (if the        Continuous Track option has been selected) or erasing the hard        disk drive (if Manual Data Destroy Service has been selected).    -   4. DISABLED—The stolen electronic device has been disabled by        ESTSM. The system is now in the locked state and can not be        used. If the system is recovered by the user, they will need to        obtain the activation password to re-enable access to the        electronic device.    -   5. HALF-RECOVERED—This state indicates that the electronic        device has not been totally recovered. The user of the        electronic device has reported that the device has been        recovered. The user must enter the activation password on the        electronic device to re-enable access.

The ESTSM system may also be in one of these other states:

-   -   1. NOT REGISTERED—The electronic device is not registered with        the ESTM system. The device will be in this state if the user        chooses not to register with ESTSM when prompted to do so upon        first time power-on of the electronic device.    -   2. DE-REGISTERED—ESTSM is no longer active on this electronic        device. The user may want to put the electronic device in this        state in the event that the transfer of electronic device from        one user to another is to take place. Once the electronic device        is placed in the DE-REGISTERED state, the user must re-register        the electronic device (which may involve re-paying service fees)        to re-activate the electronic device.    -   3. USER REMOVED—For users of a corporate ESTSM system, the ESTSM        corporate administrator may remove a user's access rights to the        ESTSM system. This situation may occur when the user leaves the        company.    -   4. NEVER REMIND—This state indicates that the user of the        electronic device does not want to be reminded to register with        the ESTSM system. This state may be entered if the user        activates the “Never Remind” option in the registration process.        After activating “Never Remind”, the user may register with        ESTSM by manually selecting “Register Now” option on the ESTSM        application icon and successfully completing the registration        process.    -   5. REGISTERED NOT ACTIVATED—In this state the user has        successfully registered the electronic device through the        registration process but has not clicked on the link sent with        the activation email to complete the registration process.    -   6. GOING TO DISABLE—This state indicates that the user has        selected the “Disable” option after the electronic device has        been reported stolen and is being tracked.    -   7. OVERRIDE—This state indicates that ESTSM has been disabled        temporarily by the user. This may be because the application        component is not able to communicate with the ESTSM server        computer system. To use the electronic device while in this        state, the user enters an activation password when prompted with        a warning.    -   8. ERASE HARDDISK—This state indicates that the user selected        “Data Destroy Services” option when registering with the ESTSM        system. This state is entered after the user reports the        electronic device as stolen and the device is connected to the        Internet and tracked.    -   9. ACTIVATION PENDING—A message has been sent to the electronic        device and the ESTSM server is waiting for an acknowledgment.    -   10. DISABLED DATA BACKUP—This state indicates that the        electronic device is disabled after the data on the electronic        device has been backed up.    -   11. ACTIVE DATA BACKUP—This state indicates that the device has        been re-enabled after it was in the DISABLED DATA BACKUP state        and a successful acknowledgment is received from the electronic        device. In this state, the user may restore the data back on the        electronic device from the backup on the ESTSM server.    -   12. BACKUP IN PROGRESS—In this state the electronic device has        been disabled and the ESTSM server is in the process of getting        the data from the device.    -   13. RESTORE IN PROGRESS—The user has requested that the data        backed up on the ESTSM server be restored into the electronic        device and the restore is in progress.    -   14. ENABLE PENDING—This state indicates that the stolen        electronic device has been re-enabled and the ESTSM server has        sent the message to the electronic device and is awaiting        acknowledgment.    -   15. ENABLE AFTER RECOVERY—This state indicates that the        electronic device was enabled from either the BACKUP IN PROGRESS        state or the DISABLED DATA BACKUP state. The electronic device        is sent a message and the state is changed after receiving a        confirmation.

Turning now to FIGS. 37-44 and FIG. 72, state diagrams including thestates described above and the conditions to enter and exit the statesare shown. FIG. 37 shows the states and transitions of an electronicdevice in ESTSM from a not registered state to registered and activestate. After the user goes through the registration process 3720, anelectronic device in the not registered state 3710 transitions into theregistered and not activated state 3730. Once the user clicks on anactivation email 3740 on the electronic device or calls an activationtelephone number, the device becomes registered and active 3750.

Referring to FIG. 38, the states and transitions of an electronic devicein ESTSM from a not registered state to registered and active state withthe device passing through a never remind state are shown. If the userclicks the never remind option shown in FIG. 1, the electronic devicetransitions 3820 to the never remind state 3830. Next, if the user at alater time decides to manually register (i.e. in some embodiments of theinvention by clicking on an ESTSM application icon on the graphicalinterface of the device and going through registration process 3840),the electronic device is placed into a registered and not activatedstate 3850. Once the user clicks on an activation email 3860 on theelectronic device or calls an activation telephone number, the devicebecomes registered and active 3870.

Referring to FIG. 39, the states and transitions of an electronic devicein ESTSM from a registered and active state to deregistered state areshown. The user may decide they no longer want ESTSM services and selectthe “Stop ESTSM” option 3920 shown in FIG. 7. The electronic device thatwas previously in the registered and active state 3910 will transitionto the deregistered state 3930 after selection of “Stop ESTSM.”

Referring to FIG. 40, the states and transitions of an electronic devicein ESTSM that is reported stolen and then tracked, disabled, andrecovered are shown. During registration and activation with ESTSM, theuser must select the Track and Disable service option to activate thestates and transitions shown in FIG. 40. Once the electronic device isregistered and active with ESTSM 4010 and the user reports the systemstolen 4015, ESTSM will place the device into the reported stolen state4020. When the electronic device is next connected to the Internet,ESTSM will begin tracking the device in the being tracked state 4030.The user is sent a location identification email shown in FIG. 9 andbecause the user had selected the track and disable service is againgiven the option to disable 4035. If the user selects disable 4035 thenthe electronic device is placed into the going to disable state 4040.The Application component on the electronic device disables the device4045 and informs the ESTSM server computer system that the electronicdevice is in a disabled state 4050. If the user recovers the device andperforms the recovery procedure 4055, the electronic device is placedinto the half recovered state 4060. Next, the Application component onthe electronic device informs the ESTSM server computer system that itis operating normally 4065 and the electronic device transitions backinto the registered and active state 4010.

Referring to FIG. 41, the states and transitions of an electronic devicein ESTSM from a registered and active state to override state are shown.As described above, to continue using the electronic device if theApplication component on the electronic device is unable to communicatewith the ESTSM server computer system, the user must enter an activationpassword 4120. ESTSM on the electronic device is then bypassed in theoverride state 4130. If the electronic device is not reported stolen andthe ESTSM Application component re-establishes communication with theESTSM server computer system 4140, the electronic device returns back tothe registered and active state 4110.

Referring to FIG. 42, the states and transitions of an electronic devicein ESTSM for the “Data Destroy Service” is shown. As shown in FIG. 2 b,the user may select the “Data Destroy Service” that erases theelectronic device hard disk drive. If the “Data Destroy Service” isselected, the electronic device registered and active 4210 with ESTSMmay be reported stolen 4220 by the user. A stolen electronic device isplaced into the reported stolen state 4230 and once the stolen deviceconnects to the Internet 4240, it is placed into the being tracked state4250. The user is sent a location identification email shown in FIG. 9and because the user had selected the data destroy service is againgiven the option to select or bypass data destroy. If the user selectsdata destroy 4260, then the Application component on the electronicdevice erases the hard disk drive and the electronic device is in theerase hard disk state 4270.

Referring to FIG. 43, the states and transitions of an electronic devicein which the corporate user of the device is removed from ESTSM isshown. As described above, a corporate user may have an electronicdevice which is registered and active 4310 with ESTSM. If ESTSM were notinstalled on the electronic device but rather the device was protectedby a password known only to the user, the electronic device would berendered unusable if the user left the organization. With ESTSM, if thecorporate user leaves the organization 4320, the corporate administratormay remove the user's access rights to the ESTSM system. The electronicdevice used by the user is placed into the user removed state 4330.

If an electronic device is in the REPORTED STOLEN, BEING TRACKED orDISABLED state, the user can use a “System Recovered” interface that maybe a button to bring the electronic device back to the ACTIVE state. Theprocedure after the electronic device is recovered may be differentdepending on the ESTSM services selected for the recovered electronicdevice and the current state of the electronic device. In someembodiments of the invention, the user may be required to fill out arecovery incident report, which documents the circumstances under whichthe electronic device was recovered.

The electronic device may be in the HALF-RECOVERED state when recovered,indicating that the electronic device is currently locked from bootaccess. The electronic device screen will show system information suchas the manufacturer, model number and serial number of the electronicdevice and an unlock key. The electronic device screen will prompt theuser to enter an activation password to re-enable boot access to thedevice. On the ESTSM website, after completing the recovery incidentreport, the user will be asked to enter the system information andunlock key indicated on the screen of the electronic device. The ESTSMserver computer system will generate the activation password that theuser can enter on the recovered electronic device to re-enable bootaccess.

From the ESTSM website, a user may also view the ESTSM services that arecurrently active on any of their electronic devices. The user may alsoadd other ESTSM services and be billed accordingly. The user may alsoswitch the options of certain services. For example, as shown in FIG. 2a, the user may switch from “Track and Disable” option to “ContinuousTrack” option under the “Tracking Service.”

A user may be informed by the Application component of new services thatare available for ESTSM. In some embodiments, the Application componentmay display a pop-up information message box that explains the newservices along with pricing information. The Application component mayoptionally allow the user to purchase the new service using an interfacein the message box.

The user may also view billing information about their account. Thebilling information will show all charges to the user's credit card andthe services which were purchased along with the date of purchase.

The ESTSM server computer system includes electronic device status logsthat show all the ESTSM activity for an electronic device. The user mayview the electronic device status logs. These logs may be used to seewhen an electronic device was reported stolen, a summary of the trackinglocation information collected for an electronic device, date and timesof recovery or device disabling events, and any other device statusinformation.

The ESTSM website may also be used to update user information, such asaddress, telephone number, email address, and so forth. Also, the user'sbilling information such as the credit card number and expiration datemay also be updated.

The user may want to upgrade the operating system or hardware(specifically the hard disk drive) on the electronic device. Asdescribed above, the ESTSM BIOS ensures that the ESTSM applicationcomponents may not be removed from the hard disk drive. Thus, if theuser upgrades to a new hard disk drive, the user will be asked to insertthe electronic device's recovery media. In some embodiments of theinvention, the recovery media may be a floppy diskette but in otherembodiments the recovery media may be a Compact Disc-Read Only Memory(CD-ROM) or Universal Serial Bus (USB) key storage device. The ESTSMBIOS will prevent the system from booting until it detects the presenceof the recovery media. The ESTSM BIOS component will automatically run aspecial program from the recovery media and this program will re-installall the ESTSM application components and special hidden partition on thehard disk drive (described in greater detail below). In some otherembodiments of the invention where a special hidden partition is notpresent, the user may load the ESTSM application components into thehard disk drive directly.

The user has to take no special action to upgrade the operating systemon an electronic device that already has the ESTSM components properlyinstalled and running. When the user upgrades the OS, the ESTSMapplication components will also be maintained as part of the OSupgrade. If the ESTSM components are removed inadvertently, the ESTSMBIOS component will automatically re-install the ESTSM applicationcomponents from a special hidden partition that exists on the hard disk.This operation will be transparent to the user.

Turning now to FIG. 44, in some embodiments of the invention, the ESTSMarchitecture consists of application components 4405, non-viewablecomponent 4415 and a BIOS component 4410 that work together to provide asecure environment for electronic device operation. The applicationcomponents may be files stored on a hard disk drive (HDD) 4400 of theelectronic device and may include startup files 4420, ESTSM application4425, and ESTSM Dynamic Link Libraries (DLL) 4430. A web browserapplication 4435 connected to and capable of communicating with theESTSM DLL 4430 may be present on the HDD. The application component runswithin the operating system environment and is responsible forcommunicating with the ESTSM server computer system 4465 through theInternet 4475. Server computer system 4465 includes a number of servers4470 a, 4470 b, . . . 4470 n that may be web servers containing the webpages and data for ESTSM described above. The application component 4405determines from the ESTSM server computer system 4465 if the electronicdevice has been reported stolen, and if so, the application componenttakes the appropriate action based on the services the user registeredfor (i.e. disable electronic device, track location, erase hard diskdrive, etc).

The BIOS component 4410 ensures that the application component 4405 cannot be removed from the system or bypassed in any way. The BIOScomponent 4410 consists of a small piece of code that resides in thesystem BIOS ROM image located in a secure non-volatile area 4465. Insome embodiments of the invention, a non-viewable component 4415 programVALIDATOR 4450 resides on a special hidden partition 4455 of the harddisk drive and is executed during Power-On-Self-Test (POST) of theelectronic device. Every time the electronic device boots up, the BIOScomponent 4410 will check the integrity of the ESTSM non-viewablecomponent 4415 and application component 4405 programs and files, andrestore the original programs and files, if they have been tamperedwith. Furthermore, the BIOS component 4410 will ensure that theapplication component 4405 has run properly on the previous device bootand will take action if it is determined that an attempt to bypass theapplication component 4405 has occurred.

In some embodiments of the invention, the BIOS component 4410 consistsof a BIOS ROM image that is integrated into the system BIOS. Thenon-viewable component 4415 consists of a VALIDATOR program 4450 whichresides in a special hidden partition 4455 created by ESTSM. Together,the ROM image and VALIDATOR cooperate to make sure that someone cannotbypass or circumvent the ESTSM application component 4405 from running.This is done by the ESTSM BIOS in the three ways shown below. In thisdocument, reference made to “ESTSM BIOS” may refer to the code in theBIOS ROM image or VALIDATOR or combination of both.

-   -   1. Validating the integrity of the ESTSM special hidden        partition 4455 and VALIDATOR program 4450. The ESTSM hidden        partition 4455 contains the VALIDATOR program 4450 and also        contains a copy of the original application component fileset        4445. If the ESTSM hidden partition 4455 has been deleted from        the electronic device's hard disk drive 4400 or in some other        way altered, the ESTSM BIOS ROM image component will detect this        and effectively force re-installation of the partition 4455 and        original fileset 4445 from the recovery media 4460. This        prevents someone from simply low level formatting the hard disk        drive, or just replacing the hard disk drive with a new blank        disk to bypass ESTSM. The ESTSM VALIDATOR program 4450 can then        “re-install” the ESTSM application component 4405 from the ESTSM        Backup (Original) fileset 4445 on the special hidden ESTSM        partition 4455 of the hard disk drive 4400.    -   2. Verifying that the application has been run on each boot. The        ESTSM BIOS implements a messaging protocol with the ESTSM        application components 4405 to ensure that the ESTSM application        components 4405 are run on every boot. This messaging protocol        utilizes the ESTSM Communications Area (ECA) 4440. In order to        bypass ESTSM, someone may delete key ESTSM application files in        an attempt to prevent the ESTSM application from running.        Furthermore, the thief may develop applications that will        prevent ESTSM from running on every boot even though it is        correctly installed on the electronic device's hard disk drive.        The ESTSM application and BIOS components work together to make        sure that the ESTSM application runs on every boot. If the ESTSM        application component does not run after the electronic device        has booted, the ESTSM system will allow the electronic device to        boot a limited number of times and attempt to run the ESTSM        application component. If the ESTSM application component does        not run during any of these retries, the electronic device will        be prevented from booting after system POST. For devices like        PDA or SmartPhones this procedure is not required since the        application component is not removable or replaceable.    -   3. Disabling a stolen electronic device reported as stolen so it        may not boot the operating system. If the ESTSM application        component 4405 detects that the electronic device has been        reported stolen, it will inform the BIOS of the theft and freeze        the system. If the thief powers off the electronic device and        attempts to boot the system again, the ESTSM BIOS will prevent        the system from booting the operating system. If the electronic        device is recovered and returned to the original user, the user        can “unlock” the device as described above so it can boot.

In another embodiment of the invention as shown in FIG. 45, thearchitecture for an ESTSM enabled PDA, WLAN capable computer, mobilephone that in some embodiments may be a cell phone, or SmartPhone mayinclude a Flash memory 4500 containing a changeable area 4510 and asystem area 4520. The system area 4520 may include applicationcomponents 4530 containing ESTSM application programs and a securenon-volatile area 4540 coupled to the application components 4530. Inone embodiment of the invention, the system area 4520 may benon-viewable and implemented in non-volatile memory. The ESTSM enabledPDA, WLAN capable computer, mobile phone, or SmartPhone may continuouslycommunicate to an ESTSM Server Computer System 4560 through an always-onInternet connection 4550 or other mobile device communication protocolssuch as Short Messaging Service (SMS). Server computer system 4560includes a number of servers 4570 a, 4570 b, . . . 4570 n that may beweb servers containing the web pages and data for ESTSM described above.

In another embodiment of the invention as shown in FIG. 46, an ESTSMenabled electronic device may contain a HDD 4600 including anapplication component 4610 and an ECA 4620. Through an Internetconnection 4690, the ECA 4620 allows the electronic device tocommunicate with the ESTSM Server Computer System 4685. Server computersystem 4685 includes a number of servers 4685 a, 4685 b, . . . 4685 nthat may be web servers containing the web pages and data for ESTSMdescribed above. The HDD may include a Host Protected Area (HPA) 4630containing ESTSM non-viewable components 4640. The non-viewablecomponents 4640 may include a VALIDATOR program 4650 that inspects anESTSM Communications Area (ECA) 4620 to determine if the ESTSMapplication components 4610 have run correctly during the last systemboot. The non-viewable component may also contain a copy of the originalapplication component software fileset 4660 if the files need to bere-installed to the HDD. As described above, every time the electronicdevice boots up, the BIOS component 4675 will check the integrity of theESTSM non-viewable components 4640 and application component 4610programs and files, and restore the original programs and files from thebackup fileset 4660 or from recovery media 4670, if they have beentampered with. Furthermore, the BIOS component 4675 will ensure that theapplication component 4610 has run properly on the previous device bootand will take action if it is determined that an attempt to bypass theapplication component 4610 has occurred.

In another embodiment of the invention as shown in FIG. 47, the ESTSMenabled electronic device may include a HDD 4700 containing anapplication component 4710 that receives and transmits information to aremote component that may be an ESTSM WWW component 4725 through theInternet 4723. In some embodiments of the invention, the applicationcomponent may reside in the ESTSM WWW component on the ESTSM website andmay be installed by the user from the ESTSM website. The applicationcomponent 4710 may be coupled to an ECA 4720. The ECA may couple to aBIOS component 4730 that is connected to a secure non-volatile area 4740as described above. The ESTSM application component 4710 may communicatethrough the ECA 4720 to the BIOS component 4730. The ECA also allows theapplication and BIOS components to communicate with an ESTSM servercomputer system 4750 through an Internet connection 4770. Servercomputer system 4750 includes a number of servers 4760 a, 4760 b, . . .4760 n that may be web servers containing the web pages and data forESTSM described above.

Turning now to FIG. 48, in accordance with some other embodiments of theinvention, the architecture for an ESTSM enabled electronic device withShort Messaging Service (SMS) capability is shown. The ESTSM enabledelectronic device with SMS capability may be a PDA, WLAN capablecomputer, mobile phone that in some embodiments may be a cell phone, orSmart Phone. The electronic device may include a Flash memory 4800containing a changeable area 4810 that functions like non-volatilestorage and may include a file system. A system area 4820 in the Flashmemory 4800 that is non-changeable to a user of the electronic devicemay include an ESTSM SMS component 4830, ESTSM application component4840 and a secure non-volatile area 4850 coupled to the applicationcomponent 4840. The application component 4840 communicates with webservers 4870 a, 4870 b, . . . 4870 n in the ESTSM server computer systemthrough an Internet connection 4845. The ESTSM server computer systemalso includes a SMS server 4860 coupled to the SMS component 4830through a wireless communication connection 4855 such as Code DivisionMultiple Access (CDMA) or Global Mobile System (GSM). In someembodiments, the SMS component 4830 communicates with the ESTSM serverusing SMS services on the electronic device when an Internet connectionis not available.

Turning now to FIG. 49, a computer system that includes a BIOScomponent, application component and non-viewable component inaccordance with one embodiment of the invention is shown. Computersystem 4900 may be configured in any number of ways, including as alaptop unit, a desktop unit, a network server, or any otherconfiguration. Computer system 4900 generally includes a centralprocessing unit (CPU) 4902 coupled to a main memory array 4906 and to avariety of other peripheral computer system components through anintegrated bridge logic device 4904. The bridge logic device 4904 issometimes referred to as a “North bridge” for no other reason than itoften is depicted at the upper end of a computer system drawing. The CPU4902 couples to North bridge logic 4904 via a CPU bus 4908, or thebridge logic 4904 may be integrated into the CPU 4902. The CPU 4902 maycomprise, for example, a Pentium™ IV microprocessor. It should beunderstood, however, that computer system 4900 could include otheralternative types of microprocessors. Further, an embodiment of computersystem 4900 may include a multiple-CPU architecture, with each processorcoupled to the bridge logic unit 4904. An external cache memory unit4909 further may couple to the CPU bus 4908 or directly to the CPU 4902.

The main memory array 4906 couples to the bridge logic unit 4904 througha memory bus 4910. The main memory 4906 functions as the working memoryfor the CPU 4902 and generally includes a conventional memory device orarray of memory devices in which program instructions and data arestored. The main memory array may comprise any suitable type of memorysuch as dynamic random access memory (DRAM) or any of the various typesof DRAM devices such as synchronous DRAM (SDRAM), extended data outputDRAM (EDO DRAM), or Rambus™ DRAM (RDRAM).

The North bridge 4904 couples the CPU 4902 and memory 4906 to theperipheral devices in the system through a Peripheral ComponentInterconnect (PCI) bus 112 or other expansion bus, such as an ExtendedIndustry Standard Architecture (EISA) bus. The present invention,however, is not limited to any particular type of expansion bus, andthus various buses may be used, including a high speed (66 MHz orfaster) PCI bus. Various peripheral devices that implement the PCIprotocol may reside on the PCI bus 4912, as well.

The computer system 4900 includes a graphics controller 4916 thatcouples to the bridge logic 4904 via an expansion bus 4914. As shown inFIG. 49, the expansion bus 4914 comprises an Advanced Graphics Port(AGP) bus. Alternatively, the graphics controller 4916 may couple tobridge logic 4904 through the PCI bus 4912. The graphics controller 4916may embody a typical graphics accelerator generally known in the art torender three-dimensional data structures on display 4918.

Bridge logic 4904 includes a PCI interface to permit master cycles to betransmitted and received by bridge logic 4904. The bridge logic 4904also includes an interface for initiating and receiving cycles to andfrom components on the AGP bus 4914. The display 4918 comprises anysuitable electronic display device upon which an image or text can berepresented. A suitable display device may include, for example, acathode ray tube (CRT), a liquid crystal display (LCD), a thin filmtransistor (TFT), a virtual retinal display (VRD), or any other type ofsuitable display device for a computer system.

The computer system 4900 optionally may include a Personal ComputerMemory Card International Association (PCMCIA) drive 4932 coupled to thePCI bus 4912. The PCMCIA drive 4932 is accessible from the outside ofthe computer and accepts one or more expansion cards that are housed inspecial PCMCIA cards, enclosures which are approximately the size ofcredit cards but slightly thicker. Accordingly, PCMCIA ports areparticularly useful in laptop computer systems, in which space is at apremium. A PCMCIA card typically includes one connector that attaches tothe PCMCIA port 4932, and additional connectors may be included forattaching cables or other devices to the card outside of the computer4900. Accordingly, various types of PCMCIA cards are available,including modem cards, network interface cards, bus controller cards,and memory expansion cards.

If other secondary expansion buses are provided in the computer system,another bridge logic device typically couples the PCI bus 4912 to thatexpansion bus. This bridge logic is sometimes referred to as a “Southbridge,” reflecting its location vis-a-vis the North bridge in a typicalcomputer system drawing. In FIG. 49, the South bridge 4922 couples thePCI bus 4912 to an Industry Standard Architecture (ISA) bus 4926 and toan Integrated Drive Electronics (IDE) bus 4964. The IDE bus 4964typically interfaces input and output devices such as a CD ROM drive, aDigital Video Disc (DVD) drive, a hard disk drive, and one or morefloppy disk drives. In accordance with the embodiment of the inventionshown in FIG. 44, the IDE bus 4964 shown in FIG. 49 couples to HDD 4400.ESTSM application component 4405 and ECA 4440 may be executable softwarefiles stored in a file system of HDD 4400. Hidden partition 4455 in HDD4400 may include ESTSM non-viewable components 4415 as described indetail above with reference to FIG. 44.

Various ISA-compatible devices are shown coupled to the ISA bus 4926,including a BIOS ROM 4944. The BIOS ROM 4944 is a memory device thatstores commands which instruct the computer how to perform basicfunctions such as sending video data to the display or accessing data onhard floppy disk drives. In addition, the BIOS ROM 4944 may be used tostore power management instructions for hardware-based (or “legacy”)power management systems or to store register definitions forsoftware-based power management systems. The BIOS instructions alsoenable the computer to load the operating system software program intomain memory during system initialization and transfer control to theoperating system so the operating system can start executing, also knownas the INT19 “boot” sequence. BIOS ROM 4944 in FIG. 49 includes theESTSM BIOS component 4410 in accordance with the embodiment of theinvention shown in FIG. 44. The ESTSM BIOS component 4410 in BIOS ROM4944 couples through a bus that may be a serial bus 4464 (a serial busgenerally is a bus with only one data signal) to secure non-volatilearea 4465 containing firmware code. The BIOS ROM 4944 typically is a“nonvolatile” memory device, which means that the memory contents remainintact even when the computer 4900 powers down. By contrast, thecontents of the main memory 4906 typically are “volatile” and thus arelost when the computer shuts down.

The South bridge 4922 supports an input/output (I/O) controller 4960that operatively couples to basic input/output devices such as akeyboard 4968, a mouse 4970, a floppy disk drive 4966, general purposeparallel and serial ports 4972, and various input switches such as apower switch and a sleep switch (not shown). The I/O controller 4960typically couples to the South bridge via a standard bus, shown as theISA bus 4926 in FIG. 49. A serial bus 4962 may provide an additionalconnection between the I/O controller 4960 and South bridge 4922. TheI/O controller 4960 typically includes an ISA bus interface (notspecifically shown) and transmit and receive registers (not specificallyshown) for exchanging data with the South bridge 122 over the serial bus4962.

Turning now to FIG. 50, a wireless communication device that may be aPDA, WLAN capable computer, mobile phone that in some embodiments is acell phone, or SmartPhone includes a changeable area and an applicationcomponent in a system area in accordance with the embodiment of theinvention of FIG. 45. The wireless communication device 5000 maytransmit and receive information with a plurality of base transceiverstations (BTS) not shown in FIG. 50. Each BTS may transmit in a forwardor downlink direction both physical and logical channels to the mobilestation 5000 in accordance with a predetermined air interface standard.A reverse or uplink communication path also exists from the mobilestation 5000 to the BTS, which conveys mobile originated access requestsand traffic.

The air interface standard can conform to any suitable standard orprotocol, and may enable both voice and data traffic, such as datatraffic enabling Internet access and web page downloads. One suitabletype of air interface is based on Time Division Multiple Access (TDMA)and may support a GSM or an advanced GSM protocol, although theseteachings are not intended to be limited to TDMA or to GSM orGSM-related wireless systems. Another wireless system and air interface,such as a Wideband Code Division Multiple Access (WCDMA) system, mayserve at least a part of the geographical area served by the wirelesscommunication system shown in FIG. 50, and the mobile station 5000 maybea multi-band terminal that is capable of operating with either the GSMor the WCDMA network.

The mobile station 5000 typically includes a microcontrol unit (MCU)5020 having an output coupled to an input of a display 5040 and an inputcoupled to an output of a keyboard or keypad 5060. The mobile station5000 may be contained within a card or module that is connected duringuse to another device. For example, the mobile station 5000 could becontained within a PCMCIA or similar type of card or module that isinstalled during use within a portable data processor, such as a laptopor notebook computer, or even a computer that is wearable by the user.

The MCU 5020 includes or is coupled to a memory 5030, including a systemarea 4520 for storing ESTSM application components 4530, as well as achangeable area for temporarily storing required data, scratchpadmemory, received packet data, packet data to be transmitted, and thelike. A separate, removable Subscriber Identity Module (SIM) that is notshown can be provided as well, the SIM storing, for example, a preferredPublic Land Mobile Network (PLMN) list and other subscriber-relatedinformation. The system area 4520 may also store a program enabling theMCU 5020 to execute the software routines, layers and protocols requiredto operate in the wireless communications system, as well as to providea suitable user interface (UI), via display 5040 and keypad 5060, with auser. Although not shown, a microphone and speaker are typicallyprovided for enabling the user to conduct voice calls in a conventionalmanner.

The mobile station 5000 also contains a wireless section that includes adigital signal processor DSP 5080, or equivalent high speed processor orlogic or control unit, as well as a wireless transceiver that includes atransmitter (Tx) 5010 and a receiver (Rx) 5020, both of which arecoupled to an antenna 5040 for communication with the BTS 50. At leastone local oscillator (LO) 5060, such as a frequency synthesizer, isprovided for tuning the transceiver. Data, such as digitized voice andpacket data, is transmitted and received through the antenna 5040.

As mentioned above with reference to FIG. 45, the ESTSM enabled PDA,mobile phone, WLAN capable computer, or SmartPhone may continuouslycommunicate to the ESTSM Server Computer System through an always-onInternet connection. Information such as telephone numbers, emailaddresses, calendar appointments, sales meetings and other dailyreminders on a PDA, mobile phone, WLAN capable computer, or SmartPhonewith ESTSM can be retrieved from a stolen device in one embodiment ofthe invention by the user calling an ESTSM service center to report thedevice as stolen. Because the PDA, mobile phone, WLAN capable computer,or SmartPhone has an always-on Internet connection, data on the devicecan be recovered and stored on the ESTSM server computer system as soonas the device is reported stolen. After recovery, the data may be erasedoff the stolen PDA, mobile phone, WLAN capable computer, or SmartPhoneand the device disabled, making it worthless for the thief. Upon theESTSM user purchasing a replacement PDA, mobile phone, WLAN capablecomputer, or SmartPhone, the data recovered and stored on the ESTSMserver computer system from the user's stolen device can be placed onthe user's new replacement device.

Turning now to FIG. 51, one embodiment of the ESTSM server computersystem 5100 of FIGS. 44-47 is shown in more detail. Clients 5110 areESTSM enabled electronic devices that transmit and receive informationthrough firewall 5120 to web servers 5130. The firewall 5120 may besoftware executing on each of the web servers 5130 or a stand alonefirewall device with dedicated hardware and software that may be acomputer system. Web servers 5130 as described above include web pagesfor administration and use of ESTSM as well as software to transmit theweb pages and receive responses from clients 5110. Web servers 5130connect through firewall 5140 to one or more database servers 5150.Firewall 5140 may be software executing on each of the database servers5150 or a stand alone firewall device with dedicated hardware andsoftware that may be a computer system. Database servers 5150 maycontain among other information, user configuration information andaccess rights for clients 5110. Configuration information may includethe ESTSM services selected by a user, the electronic devices associatedwith a particular user, electronic device identification information,billing information such as credit card number and expiration date,electronic device location and status logs, and so forth. Web servers5130 may also couple to File Transfer Protocol (FTP) server 5160 thatallows clients 5110 to download large files directly without having togo through web servers 5130. Web servers 5130 also have access to fileson FTP server 5160 allowing clients to access and view the contents ofthese files through the web servers.

Turning now to FIG. 52, web servers 5130 of FIG. 51 are depicted ingreater detail and show connections between the primary and secondaryservers in accordance with some embodiments of the invention. Clients5110 may each connect to primary server 5210 and each of secondaryserver 5220 a, 5220 b, . . . and 5220 n. The primary server 5210 andsecondary servers 5220 a, 5220 b, . . . 5220 n are coupled to each otherand can communicate and transfer information. In some embodiments of theinvention as described in greater detail below, each of clients 5110includes an application component that works with web browser softwaresuch as Microsoft® Internet® Explorer® to ensure that if Explorer® canaccess the ESTSM website, the ESTSM application components will also beable to access the website. If Explorer® on the client cannot get to theESTSM website on the primary server 5210, it will then try to access theESTSM secondary servers 5220 a, 5220 b, . . . 5220 n for status of theprimary. If the secondary servers are also unavailable, but ESTSMapplication component on the client can access other popular websites,then it is assumed that some firewall or other software has been loadedto attempt to block ESTSM operation.

The web pages for registration on the ESTSM server can be customized foreach type of electronic device and manufacturer. This way, manufacturerscan offer different services to the user, during the registration phase,based on the model and target customers for that model. Thus, forexample, a manufacturer may want to set a higher price for “Data DestroyServices” on corporate laptop models, then on consumer laptop models.

If the ESTSM server computer system receives a message from anelectronic device that has been reported stolen, and the “TrackingService” is registered for that electronic device, the ESTSM server willlog the IP address of the stolen electronic device. The ESTSM servercomputer system will get the IP address from the header of the messagepacket (part of Internet Protocol (IP)) and will not have to execute atracing program such as TraceRoute on the electronic device that may bea client personal computer. The ESTSM server will use the Internet tolookup the information for that IP address and will send the trackinglocation email as described above to the user.

The ESTSM server computer system hosts all the web pages that providethe user experience once logged into the ESTSM website. The ESTSM serverenvironment can be duplicated at a corporate customer facility and thespecific serial numbers of the electronic devices at that corporationcan be re-directed to work directly with the ESTSM server located atthat corporation. Thus, corporate customers, for security purposes, cancontrol the flow of messages to servers located at their own facility.

If the ESTSM server needs repairs to hardware, new software, functionalchanges to web pages, etc. electronic device clients may be requested bythe server to stop making new queries to the server for a random amountof time. Thus, needed updates and repairs to the ESTSM sever may beperformed during this time.

Turning now to FIG. 53, a flow diagram in accordance with someembodiments of the invention of the BIOS component of ESTSM of FIG. 44is shown. The Power on Self Test (POST) firmware may call the ESTSM BIOScomponent 5310 towards end of POST. The BIOS component will first checkto see if the electronic device has already been disabled by ESTSM 5335(i.e. the electronic device was reported stolen, or some other ESTSMfailure occurred). If the electronic device is already disabled, theBIOS component will display the system information and a boot specificunlock key and will prompt the user to enter the activation password tore-enable system boot 5320. This activation password can be obtained bythe original user through the ESTSM website or by calling the monitoringstation.

If the system was not already disabled, the BIOS component checks to seeif the special ESTSM hidden partition exists 5340. If it does exist, theBIOS component will transfer control to ESTSM non-viewable componentVALIDATOR program 5345. If the hidden partition does not exist the BIOScomponent will create the ESTSM hidden partition 5350. If there is abootable operating system partition on the hard disk 5355, the BIOScomponent will force the user to insert the recovery media into theappropriate device 5365. The BIOS component will re-build the ESTSMhidden partition using the files from the recovery media 5370. Asmentioned above, if the hidden partition does not exist, a check is alsomade to see if a bootable operating system partition is present beforeforcing the recovery media to be inserted. If a bootable operatingsystem partition is not present, then the electronic device will proceedwith the boot process 5360 until it stops because no bootable OS ispresent. This may occur if the thief deletes the OS in which case hemust install the OS and the recovery media to allow the system toreboot. Alternatively, a bootable OS partition may not be present asduring initial HDD installation at the factory, and a master hard diskimage may be used for seamless factory installation during boot process5360 without requiring the recovery media to be inserted in eachelectronic device during manufacture.

Turning now to FIG. 54, a flow diagram of the VALIDATOR program in thenon-viewable component of the ESTSM in accordance with some embodimentsof the invention is shown. If the hidden partition on the hard disk isvalid, the BIOS component will load and transfer control to theVALIDATOR program 5345 on the hidden partition as shown in FIG. 53 anddescribed above. The VALIDATOR program inspects the ESTSM CommunicationsArea (ECA) to determine if the ESTSM application components have runcorrectly during the last system boot 5410. If the ECA information iscorrect (i.e. ESTSM application was run correctly), then the VALIDATORprogram will return control to POST to proceed with INT19 OS bootprocess 5430. If the VALIDATOR program determines that the applicationcomponents failed to run correctly 5420, the user is warned to correctthe problem otherwise the electronic device will be disabled within anumber of system boots 5440 that in one embodiment of the invention is 5system boots. The VALIDATOR program will then restore the ESTSMapplication components from ESTSM backup fileset to try to correct theproblem 5450. If the number of system boots has been reached and ECAinformation is still not correct 5460, then ESTSM will disable thesystem 5470. The procedure described above may then be used to re-enablethe system. An application component failure will be generated if thethief deletes or tampers with ESTSM files, loads an application orservice to try to bypass ESTSM operation, or in any other way tries toprevent ESTSM from running. After the VALIDATOR program has completedoperation, it returns control back to the electronic device BIOS 5430 sothat system POST may be completed and the normal OS boot can occur viathe INT19 interface.

In some other embodiments of the invention, the check of the ECA todetermine if the ESTSM application components have run correctly isperformed by the BIOS component-thus the VALIDATOR program may belocated in the BIOS component. If the VALIDATOR program determines thatthe application components failed to run correctly, the user is asked toinstall the application components onto the electronic device.

As shown in FIG. 44, the ESTSM application component consists of twosets of programs: (1) ESTSM application program and (2) startup programfiles. The application component programs work together to provide theESTSM environment described above and periodically check with the ESTSMserver computer system to see if the electronic device is reportedstolen and take the appropriate action.

A flow diagram of the application component of the ESTSM is shown inFIG. 55 in accordance with one embodiment of the invention. The startupprogram 5500 creates the appropriate system processes and loads andexecutes the ESTSM application program 5505 on the electronic devicethat performs most of the ESTSM operations. The ESTSM applicationprogram works with the operating system driver files to communicate withthe ECA. The ESTSM application program will check the integrity of allthe ESTSM application components 5510 and will ensure ESTSM is workingcorrectly. The ESTSM application program will communicate thisinformation to the BIOS component through the ECA. Checking theintegrity of ESTSM application components may include interfacing withspecialized security hardware on the electronic device that in oneembodiment of the invention may be Trusted Platform Module (TPM)integrated circuitry. If there is a problem with the ESTSM applicationcomponents, no information will be communicated to the ECA and on thenext electronic device boot, the BIOS component will not allow theelectronic device to boot. Otherwise, the ESTSM application program willthen try to detect an Internet connection on the electronic device. Oncean Internet connection is established by the user, the ESTSM applicationprogram will attempt to contact the primary ESTSM server 5515. If theESTSM application program is successful in contacting the primary ESTSMserver, the application program will then send an encrypted query to theprimary ESTSM server 5520. Encryption of the query may involveinterfacing with specialized security hardware on the electronic devicesuch as TPM integrated circuitry described in more detail below. Thisquery will identify the electronic device by the device systeminformation such as serial number and model number (no other user datais sent to the server) 5520. The ESTSM application program receives theelectronic device status from the server to determine if the device isregistered with ESTSM 5525. If the electronic device is not registeredwith the ESTSM server, the user is given the option to complete theregistration phase as described above and shown in FIG. 55 5535, 5540,and 5545 .

If the system is registered with ESTSM server, the electronic deviceexecuting the ESTSM application program will receive a response from theESTSM server computer system indicating whether or not the electronicdevice is reported stolen. If the electronic device is in an activestate (i.e. not stolen), the application program will wait an intervaland again contact the ESTSM server 5515. If the electronic device isreported stolen 5550, the ESTSM application program will cooperate withthe other application components to take the appropriate action (i.e.disable the system, erase the hard disk drive, etc) 5555 and 5560. Ifthe user has selected the disable electronic device service, then theESTSM application program will inform the ECA of electronic devicedisabled state 5580 and freeze the electronic device 5585. Theelectronic device executing the ESTSM application program will send anencrypted message to the ESTSM server periodically while the system isconnected to the Internet.

The application component of ESTSM is designed so that firewall softwarecannot block the ESTSM application components from accessing the ESTSMwebsite. If firewall software could block the ESTSM applicationcomponents, a thief could merely install the firewall software to bypassESTSM. The ESTSM application program works with web browser softwaresuch as Microsoft® Interne Explorer® to ensure that if Explorer® canaccess the ESTSM website, the ESTSM application components will also beable to access the website. If Explorer® cannot get to the ESTSM websiteon the primary server, it will then try to access the ESTSM secondaryservers for status of the primary as shown in FIG. 55 in 5565. If thesecondary servers are also unavailable, but ESTSM can access otherpopular websites 5587, then it is assumed that some firewall or othersoftware has been loaded to attempt to block ESTSM operation. In thiscase, in one embodiment of the invention, the user is warned that theymust correct the problem 5570 within five boots 5575 or enter an“override” code to continue operation with ESTSM temporarily disabled.The “override” code can be obtained from the ESTSM website, call center,or an automated response system. If the override code is not entered,the system will be disabled after five boots 5580 and 5585, and the usermust get the activation password as described above.

The ESTSM server is located at a particular address on the WWWaccessible to the user. The application components of ESTSM communicatewith this web server during the registration phase and periodically oncethe system is registered to determine if the electronic device has beenreported stolen.

Turning now to FIG. 56, encryption and encoding of information by theclient electronic device and decoding and decryption of information bythe server computer system in accordance with one embodiment of theinvention is shown. A client 5610 that is an ESTSM enabled electronicdevice includes an ESTSM application component 5615 as described above.The ESTSM application component 5615 may be coupled to anencryption/decryption module 5620 that transmits and receives encryptedand encoded data. The encrypted and encoded data may be transmit andreceived from an ESTSM server computer system 5630 through acommunication medium 5625 such as HyperText Tranfer Protocol (HTTP). Theserver computer system 5630 includes an ESTSM server application 5640that may include web pages and information displayable on ESTSM enableddevices as described above and ESTSM server application software. TheESTSM server application 5640 may be coupled to an encryption/decryptionmodule 5635 that transmits and receives encrypted and encoded data toand from client 5610.

Turning now to FIG. 57, encryption and encoding of information by theclient electronic device and decoding and decryption of information bythe server computer system of FIG. 56 is shown. Client electronic device5610 may frequently and at randomly selected times send a query toserver computer system 5630 asking if the electronic device has beenreported stolen. The query is encrypted 5715 by encryption/decryptionmodule 5620 using an encryption technique as described below into abinary format sequence 5720 of ones and zeroes. The sequence of ones andzeros is encoded 5725 by encryption/decryption module 5620 using anencoding technique as described below into an American Standard Code ofInformation Interchange (ASCII) text format 5730. ASCII text format is astandard 7-bit ASCII character code embedded in an 8 bit byte whose highorder bit is always zero as described in ANSI standard X3.64, hereinincorporated by reference.

Simultaneously with the encryption and encoding performed byencryption/decryption module 5620, the server computer system receivesASCII text formatted data 5755 via communication medium 5625. The ASCIItext formatted data is decoded 5750 by encryption/decryption module 5635using a decoding technique as described below into a binary formatsequence 5745 of ones and zeroes. The sequence of ones and zeroes isdecrypted 5740 by encryption/decryption module 5635 into queryinformation 5735 that may be as mentioned above asking if the electronicdevice has been reported stolen.

Referring now to FIG. 58, a flow diagram implemented in the client andserver for encoding binary format sequence data into ASCII text formatdata in accordance with some embodiments of the invention is shown. Ifthe end of the binary format sequence data source 5810 has been reachedas determined by the value of the source length variable then encodingends 5815. If the end has not been reached, then the next byte to encodeis stored 5820 in a variable. Thus, ‘n’ bits from the variable areextracted 5820 into another variable that in one embodiment may be C1.ASCII text format may have n=6 bits with the highest order 7^(th) and8^(th) bit being zero. Variable C1 is passed to ENC( ) function thatperforms binary mapping operations on the binary sequence data togenerate an encoded byte 5830. In some embodiments of the invention, thebinary mapping operations on C1 includes mapping C1 to a base 64 number.The encoded byte is placed into a Destination data structure 5840 thatmay be an array of bytes for transmission over communication medium5625. The encoded byte is re-initialized to a zero value in oneembodiment of the invention and the source_length variable isdecremented.

Referring now to FIG. 59, a flow diagram implemented in the client andserver for decoding ASCII text format data into binary data inaccordance with some embodiments of the invention is shown.Encryption/decryption modules located in the client electronic device orserver computer system receive encoded bytes of ASCII text format datathat are placed into a source byte stream data structure that may be anarray of bytes. The source byte stream data structure is described by asource_length variable that indicates the number of ASCII text formatdata bytes present in the array. Every time a new byte of data isreceived by the encryption/decryption module and placed in the array,the source_length variable is incremented and when a byte of data isremoved and decoded the source_length variable is decremented. If theend of source 5910 has been reached, the array will become empty anddecoding will end 5930. If the end of the source has not been reached,then, a current ASCII text format byte of data is placed into variableE. The ASCII text format byte of data in variable E is passed to DECODE() function that performs mapping operations on the data to generate adecoded byte ED 5950. The lower six bits of the decoded byte ED areplaced into a final byte stream data structure 5960 and the upper twobits are discarded. Finally, the source_length variable is decrementedas described above. If the end of the source byte stream is reached,every eight bits in the final byte stream 5920 corresponds to theoriginal unencoded data.

Turning now to FIG. 60, a flow diagram showing encryption and encodingof SMS messages from SMS server to SMS enabled ESTSM electronic devicefor the system of FIG. 48 is depicted. Each SMS capable device that insome embodiments of the invention may be a Smart Phone includes uniquedevice information that is used in the encoding and encryption process.The encryption/decryption module in the Smart Phone stores the deviceinformation into a variable DI as shown in block 6010. Theencryption/decryption module passes the device information in variableDI to a function Jumble as shown in block 6020 and stores the resultinto a variable JDI. In some embodiments of the invention, the functionJumble rearranges and reorders the individual bytes in variable DI.Next, the encryption/decryption module as shown in block 6030 generatesan encrypted command by passing the jumbled device information invariable JDI and an ESTSM Secret Cmd to function FN. The ESTSM SecretCmd is a command sent from the ESTSM server to the electronic device fora function supported by the electronic device. The function FN returnsan encrypted command that is stored in variable ECMD and may be an arrayof bytes. Next, in block 6040, the encryption/decryption module callsthe Encode function that may be the flowchart shown in FIG. 58. TheEncode function is passed the variable ECMD containing the encryptedcommand and encodes the array of bytes as shown in FIG. 58. The encodedarray of bytes is stored in a variable EncECMD that is transmitted as amessage to the ESTSM server computer system over the communicationmedium 5625.

Turning now to FIG. 61, a flow diagram showing decoding and decryptionof SMS messages is depicted. A MESSAGE variable that in some embodimentsof the invention is variable EncECMD containing the encoded array ofbytes is decoded by a Decode function 6110 that may be the flow chartshown in FIG. 59. The decoded array of bytes is stored in a variableDecFCMD that is then passed to a Decrypt function 6120. The Decryptfunction returns a decrypted command that is stored in variable FCMD andmay be an array of bytes. The jumbled device information is extractedfrom FCMD and stored in variable JDI 6130. Similarly, the ESTSM SecretCmd/Data message is extracted from FCMD 6130. The encryption/decryptionmodule passes the jumbled device information in variable JDI to afunction UnJumble as shown in block 6140. The device information afterbeing unjumbled is stored in a variable DEVICE INFO that is verifiedwith the unique device information of the electronic device.

Implementing ESTSM on an electronic device may necessitate themanufacturer integrating the ESTSM BIOS components including the BIOSROM images into the system BIOS of the electronic device. In someembodiments, this is the only task that may have to be performed duringthe system's development phase. The integration of the ESTSM BIOScomponent needs very little effort. The ESTSM BIOS component is designedto minimize the effort needed to integrate with the existing electronicdevice BIOS. Factors, such as size of code, complexity of integration,and so forth, have been addressed in the design of the ESTSM BIOScomponent. In one embodiment of the invention as shown in FIG. 62 a, theESTSM BIOS component is integrated with the existing electronic deviceBIOS using the technique described below.

-   -   1. Place the ESTSM BIOS component image files into a system BIOS        build file 6200. In some embodiments, the electronic device BIOS        has 16 Kilobytes of free space to integrate the BIOS component        image files.    -   2. Build a data structure including the electronic device's        system information, programs to save and restore ESTSM critical        information in the Secure Non-volatile Area, and an optional        recovery media read function pointer and pass the address of        this data structure to an ESTSM BIOS image entry point in the        BIOS build file as shown in block 6210. Also ensure that the        Random Access Memory (RAM) areas that ESTSM uses are not used by        other BIOS functions. After the ESTSM BIOS image files are        integrated into the system BIOS build, the system BIOS code        builds the data structure as described above. The ESTSM BIOS        image may need a pointer to the function in the system BIOS that        reads from the recovery media. Since modem day BIOSes support        reading from almost all types of recovery media (i.e. floppy        diskettes, CD-ROM, USB key, and so forth), no extra code        development is required and the address of the read function        needs to be placed in the data structure passed to the ESTSM        BIOS image. In some alternative embodiments of the invention        that do not use recovery media, a pointer to the recovery media        read function in system BIOS is not needed. The electronic        device system BIOS developer should make sure that the RAM        address locations used by ESTSM are not used by the system BIOS.    -   3. As shown in block 6220, system BIOS needs to call the ESTSM        BIOS image entry point just before the INT19 bootstrap call. The        system BIOS calls the ESTSM BIOS image entry point before making        the INT19 boot strap call. At this point, the ESTSM BIOS image        will be invoked and will perform all the checks that enable the        secure system environment of ESTSM.

FIG. 62 b is a flow diagram showing integration of the ESTSM option ROMinto a BIOS binary image in accordance with some embodiments of theinvention. A BIOS editor application 6300 shown in FIG. 63 is started inblock 6230 and the “File” menu option 6315 is selected within the BIOSeditor application in block 6235. The target .ROM or .WPH BIOS binary isopened in block 6235. The ESTSM ROM will be placed into the target BIOSbinary. An “OPTION ROM” node 6320 in a “PROJECT” panel 6330 may beexpanded in block 6240. In block 6245, if option ROMS are present underthe “OPTION ROM” node than determine if space is present in the targetBIOS binary for the ESTSM ROM in block 6250. If the target BIOS binarydoes not contain the space for the ESTSM ROM, an error message isgenerated in block 6260. If the target BIOS binary contains the spaceneeded for the ESTSM ROM or no option ROMS are present in block 6245,then the ESTSM ROM is added to the target BIOS binary in block 6255. Insome embodiments of the invention, the ESTSM ROM is added to the targetBIOS binary by pressing the “Add” button 6340 shown in FIG. 63. In block6245, from the “File” menu 6315 “BUILD BIOS” is selected as shown inblock 6265. Finally, in block 6270 after the “BUILD BIOS” has beencompleted, the ESTSM option ROM is present in the target BIOS binary.

As discussed above, the ESTSM BIOS component is provided to themanufacturer of the electronic device in an encapsulated Option ROMimage format that may be ESTSM.ROM as shown in FIGS. 63 and 64. In someembodiments of the invention as shown in FIG. 63, the manufacturer mayutilize tools provided by BIOS vendors such as BIOS editors 6300 tomerge the encapsulated ROM ESTSM image into the manufacturer's base BIOSimage using the Option ROM format 6310. In some other embodiments of theinvention as shown in FIG. 64, the manufacturer may use a BIOSConfiguration Utility 6400 to insert the encapsulated ROM ESTSM image6410 into the manufacturer's base BIOS ROM image 6420. In thisembodiment, the BIOS calls the ESTSM Option ROM in the same way as itwould any other Option ROM image. The ESTSM ROM proceeds in the samemanner as it would if it had been integrated into the BIOS using knownBIOS integration techniques by checking the system security during INT19 boot strap call.

Returning now to FIG. 62 a, maintaining and updating of the electronicdevice system BIOS is minimized because of the design of the ESTSM BIOScomponent. When the manufacturer needs to do a system BIOS update forthe electronic device, no changes need to be made to the ESTSM BIOScomponent in the system BIOS. The manufacturer can simply fix the bugsin the BIOS and do a new system BIOS build as shown in FIG. 62 a (whichwill include the ESTSM BIOS components) and the new system BIOS willwork correctly. The new system BIOS can then be Flash upgraded by theuser without any impact to ESTSM operation.

If an update is released for the ESTSM components, the updated versionsof the BIOS component image files may be copied into the BIOS build fileand a new build performed. Once the new build is complete, the updatedsystem BIOS can be released to the user. No additional coding ormaintenance tasks need to be performed to update the ESTSM BIOScomponents in the system BIOS.

Integration of the ESTSM application component requires no action by themanufacturer of the electronic device. This is because the ESTSM BIOScomponent restores the application components onto the hard disk driveof the electronic device once the OS is installed on the electronicdevice. In some other embodiments of the invention, the applicationcomponent may be installed by the user of the electronic device asdescribed above.

For some embodiments of the invention, creation of the ESTSM hiddenpartition may be performed immediately after installation of theelectronic device's hard disk drive. Various utilities can be used tocreate the hidden partition. In one embodiment, a scripted installationprogram including the utility to create the hidden partition may be runat the beginning of the manufacturing process. Typically, this utilityshould be run just before the FDISK.EXE or some other utility is used tocreate the OS partition on the hard disk drive.

If the manufacturing process copies a prepared hard disk image directlyto a blank hard disk, then the prepared image should be created with theESTSM hidden partition installed. Thus, when the prepared image iscopied to the blank hard disk drive during manufacture, the ESTSM hiddenpartition will also be copied automatically from the prepared image.

Engineering and electronic device quality assurance test processes maybe performed by the manufacturer providing the ESTSM monitoring stationwith a block of electronic device serial numbers to be used as part ofthe testing process. The monitoring station will mark these serialnumbers as “test” in the ESTSM server computer system and the user willnot be billed on the credit card for these systems. This will facilitatethe test process at the manufacturer's facilities.

FIGS. 65-70 show screen shots, in accordance with some embodiments ofthe invention, for registering and using ESTSM in the PDA or mobilephone shown in FIGS. 45 and 50. ESTSM registration as shown in FIG. 65for a mobile device may be performed using a computer system that candisplay ESTSM registration web pages. In some other embodiments of theinvention, the ESTSM registration pages may be displayed on the mobiledevice capable of displaying web pages. FIG. 65 shows a serviceselection screen that may include the cost of each service and theservices offered. The services offered and the cost of each service mayvary based on the manufacturer and model of the mobile device, themarket segment of the mobile device (i.e. business device, home usedevice) and what the manufacturer has chosen to include for the device.Some manufacturers may want to change the pricing of the services, oroffer bundled services to the user. For one embodiment of the invention,as shown below, is a list of the services available to the user.

-   -   1. Basic Service—with this service the user has the ability to        have the mobile device disabled if it is stolen or lost. The        information on the mobile device is made secure so that it        cannot be accessed by someone who steals the mobile device or        finds the device.    -   2. Data Recovery Service—this service will recover Contacts,        Calendar, and other data such as pictures form the mobile device        if the device is stolen or lost. ESTSM may recover this        information to the ESTSM server computer system, before        performing other service option actions. The user may then        restore the data into a new cell phone, SmartPhone or PDA device        that they purchase.

In some embodiments of the invention, due to the extendible design ofESTSM, new services can be added for a mobile device such as third partyinsurance, data destroy service, tracking service, and data encryptionservice.

In some embodiments of the invention, most of ESTSM services are basedon a yearly fee model. Some services such as data recovery may be billedon a per kilobyte basis-that is, the user indicates the number ofkilobytes to be recovered during registration and is billed accordingly.However, if the mobile device is stolen and during data recovery morekilobytes are recovered, then a one time fee is charged to the user. Theuser may be billed at the end of the year to renew the service for onemore year. The user may be sent an email before billing to give the usera chance to cancel the service if they wish.

After the user has selected the ESTSM services for their mobile device,in some embodiments of the invention, the ESTSM system as shown in FIG.66 may request that the user turn on the cell phone or open the flipcover. In accordance with some embodiments, the user through thecomputer system capable of displaying ESTSM web pages may then enter themobile phone number, service provider, International Mobile EquipmentIdentifier (IMEI) number, and a phone description. The registrationprocess for the mobile device is successfully completed as shown in FIG.67. In some other embodiments of the invention, ESTSM registration maynot require any user intervention with the mobile device except anacknowledgement from the user at the end of the successful registration.

In another embodiment of the invention, an automated voice promptingsystem at a call center or live call center operator afterauthentication of the user may communicate with the user to performESTSM activities. All ESTSM activities performed through the Internetmay also be performed by the call center including registration,reporting a system stolen, reporting system has been recovered and soforth.

FIG. 68 shows a screen shot of the mobile device status web page thatresides in the ESTSM server computer system in accordance with someembodiments of the invention. The user can perform the following tasksfor the mobile device on the device status web page: (1) View the statusof the mobile device running ESTSM; (2) Report a mobile device stolen;(3) Show the Billing and Electronic Device Location/Status Logs; (4)Perform User Management functions such as changing the user information,password and billing information; and (5) Perform Data Managementfunctions such as viewing recovered data and transferring recovered datato another device.

As shown in FIG. 68, the “Device Status” page shows for each mobiledevice, the Model Name, System Description, Phone Number, Current State,and ESTSM Services Active on the device. Depending on the Current Stateand the services selected by the user, certain task buttons will appearbelow the mobile device information. These task buttons let you performdifferent operations on the device (e.g. report the mobile device stolenand so forth). As shown in FIG. 68, the user may click on the buttonlabeled “Report Stolen” to start the process of reporting a mobiledevice stolen. The user will be taken to the “Report a Stolen Device”web pages. The user fills out the information on the web page togenerate a theft incident report and the ESTSM site will log this reportso that it may be given later to the appropriate authorities as proof offiling the theft incident report. This documentation may be provided tothe user upon request.

In some embodiments of the invention, once the report is completed, theelectronic device will be placed into the REPORTED STOLEN state. At thispoint, because of the always on connection of the mobile device to theInternet, in some embodiments the mobile device files are backed up andthe device state will change to RECOVERED state as shown in FIG. 69. Theuser may then manage these files to move them into a new cell phone,SmartPhone or PDA device that they purchase. After the data has beenrecovered, the ESTSM system informs the user that the mobile device isdisabled as shown in FIG. 70.

Turning now to FIG. 71, a flow diagram showing implementation of ESTSMon mobile devices such as cellular telephones, Smart Phones, or WLANcapable computers as in FIG. 45 and FIG. 48 that have a messagingcapability that may be Short Messaging Service (SMS) is depicted. Insome embodiments of the invention, as described above, the ESTSM servercomputer system may inform the mobile device that it has been reportedstolen and backup the data on the device. In some other embodiments ofthe invention, the ESTSM server may periodically backup the data on thedevice even if the mobile device has not been reported stolen. The ESTSMserver may disable the mobile device (i.e. lock the user out but devicecan still communicate with ESTSM server) if the Subscriber IdentityModule (SIM) card has been changed and the mobile device is reportedstolen. The ESTSM server may also disable the mobile device if the IMEInumber has been changed and the device is reported stolen.

As shown in FIG. 71, the ESTSM application component located in thesystem area of the mobile device (FIG. 45) gets the device identifier ofthe mobile device in block 7105. In some embodiments of the invention,the device identifier is a concatenated string of numbers that mayinclude the IMEI number, manufacturer's model number of the mobiledevice, and the phone number associated with the mobile device. If theapplication component is not able to get the device identifier in block7110, then the application component disables the mobile device 7115. Ifthe application component is able to successfully get the deviceidentifier, then the application component determines if the userinformation module has been changed in block 7120. In some embodimentsof the invention, the user information module may be a SIM card locatedin the mobile device. In some other embodiments of the invention, theuser information module may be stored on a Read-Only-Memory (ROM) thatis a FLASH ROM or Electronically-Erasable-Programmable ROM (EEPROM) ofthe mobile device. The user information module identifies userinformation with the mobile device. The user information may be thephone number associated with the mobile device, user details, securityinformation, and memory for a personal directory of numbers. If the userinformation module has been changed in the mobile device, !he ESTSMapplication component gets the new phone number from the mobile device7125. The application component in block 7135 notifies the ESTSM serverof the new phone number. Next, in block 7130, the ESTSM applicationcomponent determines the current state of the mobile device and beginsthe status loop 7140, waiting for a message from the ESTSM server. Anencrypted and encoded message as described above may be communicatedfrom the ESTSM server to the application component of the mobile deviceas shown in block 7150.

In FIG. 71, if the application component detects that a new message hasarrived, message data is processed in block 7145. A command is extractedfrom the message data in block 7160 as described above and is storedinto the variable Cmd. If the Cmd is “REGISTER” as shown in block 7165,then the user has registered the mobile device for ESTSM services. TheESTSM server is notified to change the mobile device state to “ACTIVE”in block 7187 and the application component sets the current state to“ACTIVE” in block 7185. If the Cmd is “DISABLE” as shown in block 7170,the mobile device is disabled 7192 and the application component setsthe current state to “DISABLE” in block 7190. The ESTSM server may senda “DISABLE” command 7170 if the mobile device is reported stolen or theuser information module that may be a SIM card has been changed and thedevice identifier has not changed in the mobile device. If the Cmd is“BACKUP” as shown in block 7175, the ESTSM server requests that the dataon the mobile device be copied to the ESTSM server. As shown in block7194, the ESTSM server begins to backup the data stored on the mobiledevice. The ESTSM server will recover the data requested by the userduring registration for the mobile device. Thus, if during ESTSMregistration the user had selected recovery of contacts and calendardata, these items will be backed-up. In some embodiments of theinvention, the user may specify other data for recovery such as MobileCommerce (M-commerce) monetary information stored on the mobile device.The ESTSM server in some embodiments of the invention may request thatthe mobile device be placed into a disabled state and, thus, theapplication component in the mobile device sets the current state to“DISABLE” in block 7190. If the Cmd is “RESTORE” as shown in block 7180,the ESTSM server starts to restore the data 7199 backed up from themobile device back to the original mobile device that may have beenrecovered or a new mobile device. After restoring the data to the mobiledevice, the ESTSM server places the mobile device into an active state.The application component in the mobile device sets the current state to“ACTIVE” in block 7196 and waits for some time 7155 before starting thestatus loop 7140.

Turning now to FIG. 72, the states and transitions of a mobile devicewith SMS messages for activation and operation of ESTSM services isshown. A mobile device as shown in FIG. 45 including the ESTSMapplication component is initially in an “UNREGISTERED” state 7205.After completion of the registration process, the ESTSM server sends aSMS message to the mobile device indicating that the device isregistered with ESTSM and placing the mobile device into an “ACTIVATIONPENDING” state 7210. The mobile device sends a SMS confirmation messageto the ESTSM server and transitions into an “ACTIVE” state 7215. In someembodiments of the invention as shown in FIG. 72, the ESTSM serverperforms periodic backups of the data on the mobile device while in the“ACTIVE” state 7215. While in the active state, the ESTSM servercomputer system communicates over the Internet with the user todetermine if the mobile device has been reported stolen. If the deviceis reported stolen using the ESTSM website, the mobile device is placedinto a “REPORTED STOLEN” state 7225. The ESTSM server informs the mobiledevice via a secure communications channel to take the appropriateaction based on the service options selected by the user (e.g. disablingthe electronic device, destroying the storage device (e.g. hard diskdrive (HDD)) data, recovering data, encrypting data and more). In someembodiments of the invention as shown in FIG. 72, if the user duringregistration had selected the basic service, the mobile device isdisabled and placed into a “DISABLE” state 7230. If the mobile devicehas been recovered or the user has purchased a new mobile device and theuser re-enables the device using the ESTSM website, an SMS message issent from the server to the mobile device placing the device into an“ENABLE PENDING” state 7220. The mobile device sends an SMS confirmationmessage to the ESTSM server indicating that it has received there-enablement SMS message from the ESTSM server. The mobile device isplaced into the “ACTIVE” state 7215.

If the user during registration had selected the data recovery service,the mobile device is placed into “BACKUP IN PROGRESS” state 7235 anddata on the mobile device is backed-up to the ESTSM server. If the datais backed up successfully, the mobile device is placed into “DISABLEDDATA BACKUP” state 7240, data on the device is deleted, and the mobiledevice is disabled. The mobile device may be transitioned to “ENABLEAFTER RECOVERY” state 7245 from either the “BACKUP IN PROGRESS” state7235 or “DISABLED DATA BACKUP” state 7240 if the user re-enables themobile device while the data backup is in progress. Once the mobiledevice has been recovered or the user has purchased a new mobile deviceand the user re-enables the device using the ESTSM website, an SMSmessage is sent from the server to the mobile device placing the deviceinto an “ENABLE AFTER RECOVERY” state 7245. The mobile device sends anSMS confirmation message to the ESTSM server indicating that it hasreceived the re-enablement SMS message from the ESTSM server. The mobiledevice is activated and placed into the “ACTIVE DATA BACKUP” state 7250.The data that has been backed-up into the ESTSM server is restored intothe new or re-enabled mobile device in the “RESTORE IN PROGRESS” state7260. After data has been restored into the mobile device, the device isplaced into the “ACTIVE” state 7215.

While the invention has been disclosed with respect to a limited numberof embodiments, those skilled in the art will appreciate numerousmodifications and variations therefrom. It is intended that the appendedclaims cover all such modifications and variations as fall within thetrue spirit and scope of the invention.

1. A method for securing a mobile device, comprising: extracting acommand from a message; performing the command on the mobile device,wherein the command modifies a state of the mobile device; and receivingfurther messages at the mobile device that each contain a command tomodify the state of the mobile device.
 2. The method of claim 1, furthercomprising: determining the state of the mobile device; receiving themessage at the mobile device; and identifying the mobile device.
 3. Themethod of claim 2, wherein identifying the mobile device comprises:requesting identification information; determining if the request forinformation is successful; disabling the mobile device if the requestfor information is not successful; determining if a user informationmodule in the mobile device has changed; and getting a new phone numberfrom the user information module if the user information module haschanged.
 4. The method of claim 3, wherein the identificationinformation is a concatenated string of numbers.
 5. The method of claim4, wherein the concatenated string of numbers includes an InternationalMobile Equipment Identifier (IMEI) number, model number of the mobiledevice, and phone number of the mobile device.
 6. The method of claim 3,wherein the user information module is a Subscriber Identity Module(SIM) card or Read-Only-Memory (ROM).
 7. The method of claim 3, whereinthe user information module contains a mobile device phone number, userinformation, security information, or directory of phone numbers.
 8. Themethod of claim 3, wherein identifying the mobile device comprises:disabling the mobile device if the device is reported stolen; anddisabling the mobile device if the user information module has changedand the identification information has not changed.
 9. The method ofclaim 1, wherein performing the command on the mobile device, comprises:activating the mobile device if the command is register, wherein themobile device is in a normal operating mode after it is activated;disabling the mobile device if the command is disable; performing abackup of data stored on the mobile device if the command is backup;disabling the mobile device after performing the backup if the commandis backup; restoring data to the mobile device if the command isrestore; and activating the mobile device after restoring the data ifthe command is restore.
 10. The method of claim 9, wherein the data iscontact information, calendar information, or Mobile Commerce(M-commerce) monetary information.
 11. The method of claim 1, whereinthe mobile device is a personal digital assistant (PDA), Wireless LocalArea Networks (WLAN) capable computer, cell phone, or Smart Phone.
 12. Amachine-readable medium that provides instructions, which when executedby a mobile device, cause said mobile device to perform operationscomprising: extracting a command from a message; performing the commandon the mobile device, wherein the command modifies a state of the mobiledevice; and receiving further messages at the mobile device that eachcontain a command to modify the state of the mobile device.
 13. Themachine-readable medium of claim 12, further comprising: determining thestate of the mobile device; receiving the message at the mobile device;and identifying the mobile device.
 14. The machine-readable medium ofclaim 13, wherein identifying the mobile device comprises: requestingidentification information; determining if the request for informationis successful; disabling the mobile device if the request forinformation is not successful; determining if a user information modulein the mobile device has changed; and getting a new phone number fromthe user information module if the user information module has changed.15. The machine-readable medium of claim 14, wherein the identificationinformation is a concatenated string of numbers.
 16. Themachine-readable medium of claim 15, wherein the concatenated string ofnumbers includes an International Mobile Equipment Identifier (IMEI)number, model number of the mobile device, and phone number of themobile device.
 17. The machine-readable medium of claim 14, wherein theuser information module is a Subscriber Identity Module (SIM) card orRead-Only-Memory (ROM).
 18. The machine-readable medium of claim 14,wherein the user information module contains a mobile device phonenumber, user information, security information, or directory of phonenumbers.
 19. The machine-readable medium of claim 14, whereinidentifying the mobile device comprises: disabling the mobile device ifthe device is reported stolen; and disabling the mobile device if theuser information module has changed and the identification informationhas not changed.
 20. The machine-readable medium of claim 12, whereinperforming the command on the mobile device, comprises: activating themobile device if the command is register, wherein the mobile device isin a normal operating mode after it is activated; disabling the mobiledevice if the command is disable; performing a backup of data stored onthe mobile device if the command is backup; disabling the mobile deviceafter performing the backup if the command is backup; restoring data tothe mobile device if the command is restore; and activating the mobiledevice after restoring the data if the command is restore.
 21. Themachine-readable medium of claim 20, wherein the data is contactinformation, calendar information, or Mobile Commerce (M-commerce)monetary information.
 22. The machine-readable medium of claim 12,wherein the mobile device is a personal digital assistant (PDA),Wireless Local Area Networks (WLAN) capable computer, cell phone, orSmart Phone.